CVE-2024-42070

MEDIUM EPSS 20.1%
Published Jul 29, 20241y ago · Modified Jun 17, 20261w ago
5.5 CVSS 3.1
Medium
Find Similar
Published Jul 29, 2024 1y ago
Last Modified Jun 17, 2026 1w ago

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.

CVSS Details

Base Score
5.5
Exploitability
1.8
Impact
3.6
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Attack Vector Local
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope Unchanged
Confidentiality None
Integrity None
Availability High

Threat Intelligence

EPSS Exploit Probability
20.1% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-401

Affected Products 8

VendorProductVersionRange
linuxlinux_kernel* <3.13
linuxlinux_kernel*≥3.14  –  <4.19.317
linuxlinux_kernel*≥4.20  –  <5.4.279
linuxlinux_kernel*≥5.5  –  <5.10.221
linuxlinux_kernel*≥5.11  –  <5.15.162
linuxlinux_kernel*≥5.16  –  <6.1.97
linuxlinux_kernel*≥6.2  –  <6.6.37
linuxlinux_kernel*≥6.7  –  <6.9.8

References 12

  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-265688.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-398330.html
  • cert-portal.siemens.com https://cert-portal.siemens.com/productcert/html/ssa-613116.html
  • git.kernel.org https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa1c2980f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7931d32955e09d0a11b1fe0b6aac1bfa061c005c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007
    Patch
  • lists.debian.org https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Remediation

  • git.kernel.org https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa1c2980f
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/7931d32955e09d0a11b1fe0b6aac1bfa061c005c
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564
    Patch
  • git.kernel.org https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007
    Patch