CVE-2024-26642

Updated: 2024-05-23 06:16:09.817387

Description:

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x NONE 0
CVSS Version 3.x MEDIUM 4.7

Status

OS name Project name Version Score Severity Status Errata Last updated

Statement

AlmaLinux 9.2 ESU kernel 5.14.0 4.7 MEDIUM Released CLSA-2024:1719231016 2024-06-24 10:11:49
AlmaLinux 9.2 FIPS kernel 5.14.0 4.7 MEDIUM Released CLSA-2024:1719241565 2024-06-24 11:21:49
CentOS 6 ELS kernel 2.6.32 4.7 MEDIUM Not Vulnerable 2024-06-11 11:20:44
CentOS 7 ELS kernel 3.10.0 4.7 MEDIUM Ignored 2024-06-24 11:21:47
CentOS 8.4 ELS kernel 4.18.0 4.7 MEDIUM Released CLSA-2024:1719932549 2024-07-02 11:13:35
CentOS 8.5 ELS kernel 4.18.0 4.7 MEDIUM Released CLSA-2024:1719933179 2024-07-02 14:28:37
CentOS Stream 8 ELS kernel 4.18.0 4.7 MEDIUM Already Fixed 2024-06-09 14:20:10
CloudLinux 6 ELS kernel 2.6.32 4.7 MEDIUM Not Vulnerable 2024-06-11 11:20:44
Oracle Linux 6 ELS kernel 2.6.32 4.7 MEDIUM Not Vulnerable 2024-06-11 11:20:43
Ubuntu 16.04 ELS linux-hwe 4.15.0 4.7 MEDIUM Released CLSA-2024:1719567415 2024-06-28 11:21:26
Total: 12