NVD

CVE-2024-26609 Detail

Rejected

CVE has been marked "REJECT" in the CVE List. These CVEs are stored in the NVD, but do not show up in search results.

Description

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Metrics

NVD enrichment efforts reference publicly available information to associate vector strings. CVSS information contributed by other sources is also displayed.

CVSS 4.0 Severity and Vector Strings:

NIST: NVD

N/A

NVD assessment not yet provided.

CVSS 3.x Severity and Vector Strings:

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

CVSS 2.0 Severity and Vector Strings:

National Institute of Standards and Technology

NIST: NVD

Base Score: N/A

NVD assessment not yet provided.

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink	Resource

Weakness Enumeration

CWE-ID	CWE Name	Source

Change History

3 change records found show changes

CVE Modified by kernel.org 3/12/2024 10:15:07 AM

Action	Type	Old Value	New Value
Changed	Description	Record truncated, showing 500 of 736 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject QUEUE/DROP verdict parameters This reverts commit e0abdadcc6e1. core.c:nf_hook_slow assumes that the upper 16 bits of NF_DROP verdicts contain a valid errno, i.e. -EPERM, -EHOSTUNREACH or similar, or 0. Due to the reverted commit, its possible to provide a positive value, e.g. NF_ACCEPT (1), which results in use-after-free. Its not clear to me why this commit was made. NF_QUEUE is not used by n	Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
Removed	Reference	Linux https://git.kernel.org/stable/c/4e66422f1b56149761dc76030e6345d1cca6f869
Removed	Reference	Linux https://git.kernel.org/stable/c/55a60251fa50d4e68175e36666b536a602ce4f6c
Removed	Reference	Linux https://git.kernel.org/stable/c/6653118b176a00915125521c6572ae8e507621db
Removed	Reference	Linux https://git.kernel.org/stable/c/8365e9d92b85fda975a5ece7a3a139cb964018c8
Removed	Reference	Linux https://git.kernel.org/stable/c/8e34430e33b8a80bc014f3efe29cac76bc30a4b4
Removed	Reference	Linux https://git.kernel.org/stable/c/960cf4f812530f01f6acc6878ceaa5404c06af7b
Removed	Reference	Linux https://git.kernel.org/stable/c/f05a497e7bc8851eeeb3a58da180ba469efebb05
Removed	Reference	Linux https://git.kernel.org/stable/c/f342de4e2f33e0e39165d8639387aa6c19dff660

New CVE Received by NIST 3/11/2024 2:15:19 PM

Action	Type	New Value
Added	Description	Record truncated, showing 500 of 736 characters. View Entire Change Record In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject QUEUE/DROP verdict parameters This reverts commit e0abdadcc6e1. core.c:nf_hook_slow assumes that the upper 16 bits of NF_DROP verdicts contain a valid errno, i.e. -EPERM, -EHOSTUNREACH or similar, or 0. Due to the reverted commit, its possible to provide a positive value, e.g. NF_ACCEPT (1), which results in use-after-free. Its not clear to me why this commit was made. NF_QUEUE is not used by n
Added	Reference	Linux https://git.kernel.org/stable/c/4e66422f1b56149761dc76030e6345d1cca6f869 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/55a60251fa50d4e68175e36666b536a602ce4f6c [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/6653118b176a00915125521c6572ae8e507621db [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/8365e9d92b85fda975a5ece7a3a139cb964018c8 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/8e34430e33b8a80bc014f3efe29cac76bc30a4b4 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/960cf4f812530f01f6acc6878ceaa5404c06af7b [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/f05a497e7bc8851eeeb3a58da180ba469efebb05 [No types assigned]
Added	Reference	Linux https://git.kernel.org/stable/c/f342de4e2f33e0e39165d8639387aa6c19dff660 [No types assigned]

Quick Info

CVE Dictionary Entry:
CVE-2024-26609
NVD Published Date:
03/11/2024
NVD Last Modified:
03/12/2024
Source:
kernel.org

You are viewing this page in an unauthorized frame window.

Information Technology Laboratory

National Vulnerability Database

National Vulnerability Database

CVE-2024-26609 Detail

Description

Metrics

References to Advisories, Solutions, and Tools

Weakness Enumeration

Change History

CVE Modified by kernel.org 3/12/2024 10:15:07 AM

CVE Rejected by kernel.org 3/12/2024 10:15:07 AM

New CVE Received by NIST 3/11/2024 2:15:19 PM

Quick Info