CVE-2024-26925
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-26925
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26925.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2024-26925
- Related
- Published
- 2024-04-25T06:15:57Z
- Modified
- 2024-11-05T11:50:04.894026Z
- Summary
- [none]
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nftables: release mutex after nftgcseqend from abort path
The commit mutex should not be released during the critical section between nftgcseqbegin() and nftgcseqend(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence.
nftablesmoduleautoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nftgcseqend() is called.
- References
-
- https://git.kernel.org/stable/c/0d459e2ffb541841714839e8228b845458ed3b27
- https://git.kernel.org/stable/c/2cee2ff7f8cce12a63a0a23ffe27f08d99541494
- https://git.kernel.org/stable/c/61ac7284346c32f9a8c8ceac56102f7914060428
- https://git.kernel.org/stable/c/8038ee3c3e5b59bcd78467686db5270c68544e30
- https://git.kernel.org/stable/c/8d3a58af50e46167b6f1db47adadad03c0045dae
- https://git.kernel.org/stable/c/a34ba4bdeec0c3b629160497594908dc820110f1
- https://git.kernel.org/stable/c/eb769ff4e281f751adcaf4f4445cbf30817be139
- https://security-tracker.debian.org/tracker/CVE-2024-26925
Affected packages
Debian:11 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.10.216-1
Affected versions
5.*
5.10.46-4
5.10.46-5
5.10.70-1~bpo10+1
5.10.70-1
5.10.84-1
5.10.92-1~bpo10+1
5.10.92-1
5.10.92-2
5.10.103-1~bpo10+1
5.10.103-1
5.10.106-1
5.10.113-1
5.10.120-1~bpo10+1
5.10.120-1
5.10.127-1
5.10.127-2~bpo10+1
5.10.127-2
5.10.136-1
5.10.140-1
5.10.148-1
5.10.149-1
5.10.149-2
5.10.158-1
5.10.158-2
5.10.162-1
5.10.178-1
5.10.178-2
5.10.178-3
5.10.179-1
5.10.179-2
5.10.179-3
5.10.179-4
5.10.179-5
5.10.191-1
5.10.197-1
5.10.205-1
5.10.205-2
5.10.209-1
5.10.209-2
Debian:12 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.1.90-1
Debian:13 / linux
Package
- Name
- linux
- Purl
- pkg:deb/debian/linux?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed6.8.9-1
Affected versions
6.*
6.1.27-1
6.1.37-1
6.1.38-1
6.1.38-2~bpo11+1
6.1.38-2
6.1.38-3
6.1.38-4~bpo11+1
6.1.38-4
6.1.52-1
6.1.55-1~bpo11+1
6.1.55-1
6.1.64-1
6.1.66-1
6.1.67-1
6.1.69-1~bpo11+1
6.1.69-1
6.1.76-1~bpo11+1
6.1.76-1
6.1.82-1
6.1.85-1
6.1.90-1~bpo11+1
6.1.90-1
6.1.94-1~bpo11+1
6.1.94-1
6.1.98-1
6.1.99-1
6.1.106-1
6.1.106-2
6.1.106-3
6.1.112-1
6.1.115-1
6.3.1-1~exp1
6.3.2-1~exp1
6.3.4-1~exp1
6.3.5-1~exp1
6.3.7-1~bpo12+1
6.3.7-1
6.3.11-1
6.4~rc6-1~exp1
6.4~rc7-1~exp1
6.4.1-1~exp1
6.4.4-1~bpo12+1
6.4.4-1
6.4.4-2
6.4.4-3~bpo12+1
6.4.4-3
6.4.11-1
6.4.13-1
6.5~rc4-1~exp1
6.5~rc6-1~exp1
6.5~rc7-1~exp1
6.5.1-1~exp1
6.5.3-1~bpo12+1
6.5.3-1
6.5.6-1
6.5.8-1
6.5.10-1~bpo12+1
6.5.10-1
6.5.13-1
6.6.3-1~exp1
6.6.4-1~exp1
6.6.7-1~exp1
6.6.8-1
6.6.9-1
6.6.11-1
6.6.13-1~bpo12+1
6.6.13-1
6.6.15-1
6.6.15-2
6.7-1~exp1
6.7.1-1~exp1
6.7.4-1~exp1
6.7.7-1
6.7.9-1
6.7.9-2
6.7.12-1~bpo12+1
6.7.12-1