CVE-2024-35900

Updated:

Description:

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: reject new basechain after table flag update

When dormant flag is toggled, hooks are disabled in the commit phase by iterating over current chains in table (existing and new).

The following configuration allows for an inconsistent state:

    add table x
    add chain x y { type filter hook input priority 0; }
    add table x { flags dormant; }
    add chain x w { type filter hook input priority 1; }

which triggers the following warning when trying to unregister chain w which is already unregistered.

    [ 127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260
    [...]
    [ 127.322519] Call Trace:
    [ 127.322521]  <TASK>
    [ 127.322524]  ? __warn+0x9f/0x1a0
    [ 127.322531]  ? __nf_unregister_net_hook+0x21a/0x260
    [ 127.322537]  ? report_bug+0x1b1/0x1e0
    [ 127.322545]  ? handle_bug+0x3c/0x70
    [ 127.322552]  ? exc_invalid_op+0x17/0x40
    [ 127.322556]  ? asm_exc_invalid_op+0x1a/0x20
    [ 127.322563]  ? kasan_save_free_info+0x3b/0x60
    [ 127.322570]  ? __nf_unregister_net_hook+0x6a/0x260
    [ 127.322577]  ? __nf_unregister_net_hook+0x21a/0x260
    [ 127.322583]  ? __nf_unregister_net_hook+0x6a/0x260
    [ 127.322590]  ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]
    [ 127.322655]  nft_table_disable+0x75/0xf0 [nf_tables]
    [ 127.322717]  nf_tables_commit+0x2571/0x2620 [nf_tables]
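For hosts that are still waiting on a fixed kernel, the warning quoted in the description can serve as a detection signature in collected kernel logs. The following is an added example, not code from the kernel or from this page's publisher: it groups each WARNING line with its call trace and flags those raised in __nf_unregister_net_hook with nft_table_disable as a confirmed caller. The sample log is constructed from the trace above plus one unrelated warning, and the function names parse_warnings and find_double_unregister are hypothetical.

```python
import re

# Constructed sample: shortened from the trace in the description, plus one
# unrelated warning that must not be flagged.
SAMPLE_LOG = """\
[  127.322252] WARNING: CPU: 7 PID: 1211 at net/netfilter/core.c:501 __nf_unregister_net_hook+0x21a/0x260
[  127.322519] Call Trace:
[  127.322577]  ? __nf_unregister_net_hook+0x21a/0x260
[  127.322590]  ? __nf_tables_unregister_hook+0x8a/0xe0 [nf_tables]
[  127.322655]  nft_table_disable+0x75/0xf0 [nf_tables]
[  127.322717]  nf_tables_commit+0x2571/0x2620 [nf_tables]
[  300.000001] WARNING: CPU: 1 PID: 42 at fs/example.c:10 example_fn+0x10/0x20
[  300.000002] Call Trace:
[  300.000003]  example_caller+0x5/0x10
"""

LINE = re.compile(r"^\[\s*(\d+\.\d+)\]\s*(.*)$")
WARN = re.compile(r"^WARNING: CPU: (\d+) PID: (\d+) at (\S+?):\d+ ([\w.]+)\+0x")
FRAME = re.compile(r"^(\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_warnings(log_text):
    """Group each WARNING line with the call-trace frames that follow it."""
    events, current = [], None
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue
        ts, body = float(m.group(1)), m.group(2)
        if (w := WARN.match(body)):
            current = {"time": ts, "cpu": int(w.group(1)), "pid": int(w.group(2)),
                       "file": w.group(3), "func": w.group(4), "frames": []}
            events.append(current)
        elif current and (f := FRAME.match(body)):
            # A leading "? " marks a frame the unwinder could not confirm.
            current["frames"].append((f.group(2), f.group(1) is None))
    return events

def find_double_unregister(log_text):
    """Warnings raised in __nf_unregister_net_hook via nft_table_disable."""
    hits = []
    for ev in parse_warnings(log_text):
        confirmed = {name for name, ok in ev["frames"] if ok}
        if ev["func"] == "__nf_unregister_net_hook" and "nft_table_disable" in confirmed:
            hits.append(ev)
    return hits

if __name__ == "__main__":
    for hit in find_double_unregister(SAMPLE_LOG):
        print(f"t={hit['time']} pid={hit['pid']}: nf_tables double-unregister warning")
```

Matching on function names rather than offsets keeps the check usable across kernel builds, where the +0x offsets and the source line number differ.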

CVSS3: 5.5


Vendor State

OS | Vendor version | Errata
RHEL 8 | 4.18.0-553.16.1.el8_10 | RHSA-2024:5101
Oracle Linux 8 | 4.18.0-553.16.1.el8_10 | ELSA-2024-5101
Ubuntu 20.04 | 5.4.0-189.209 | USN-6896-1
Ubuntu 20.04 AWS | 5.4.0-1128.138 | USN-6896-5
AlmaLinux 8 | 4.18.0-553.16.1.el8_10 | ALSA-2024:5101
Ubuntu 20.04 Azure | 5.4.0-1133.140 | USN-6896-1
Rocky Linux 8 | 4.18.0-553.16.1.el8_10 | RLSA-2024:5101
Ubuntu 22.04 | 5.15.0-116.126 | USN-6898-1
Ubuntu 22.04 AWS | 5.15.0-1065.71 | USN-6898-3
Ubuntu 22.04 Azure | 5.15.0-1068.77 | USN-6917-1
RHEL 9 | 5.14.0-503.11.1.el9_5 | RHSA-2024:9315
Ubuntu 20.04 HWE Azure | 5.15.0-1068.77~20.04.1 | USN-6917-1
Ubuntu 20.04 GCP | 5.4.0-1132.141 | USN-6896-1
Ubuntu 24.04 | 6.8.0-38.38 | USN-6893-1

KernelCare State

OS | Original kernel version | State
RHEL 8 | 4.18.0-553.el8_10, 4.18.0-553.5.1.el8_10, 4.18.0-553.8.1.el8_10 | Released
Oracle Linux 8 | 4.18.0-553.el8_10, 4.18.0-553.5.1.el8_10, 4.18.0-553.8.1.el8_10 | Released
CloudLinux OS 8 | 4.18.0-553.lve.el8, 4.18.0-553.5.1.lve.el8, 4.18.0-544.lve.el8, 4.18.0-553.5.1.lve.1.el8, 4.18.0-553.8.1.lve.el8 | Released
CloudLinux OS 7h | 4.18.0-553.lve.el7h, 4.18.0-553.5.1.lve.el7h, 4.18.0-553.8.1.lve.el7h, 4.18.0-553.5.1.lve.1.el7h | Released
Ubuntu 20.04 | | In Progress
Ubuntu 20.04 AWS | | Planned
AlmaLinux 8 | 4.18.0-553.el8_10, 4.18.0-553.5.1.el8_10, 4.18.0-553.8.1.el8_10 | Released
Ubuntu 20.04 Azure | | In Progress
Rocky Linux 8 | 4.18.0-553.el8_10, 4.18.0-553.5.1.el8_10, 4.18.0-553.8.1.el8_10 | Released
Ubuntu 22.04 | | Ready For Release
Ubuntu 22.04 AWS | | Planned
Ubuntu 22.04 Azure | | Planned
RHEL 9 | | Ready For Release
Ubuntu 20.04 HWE Azure | | Planned
Ubuntu 20.04 GCP | | In Progress
Ubuntu 24.04 | | Planned