Vulnerabilities > CVE-2024-1086 - Use After Free vulnerability in multiple products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

Vulnerable Configurations

Part Description Count
OS
Linux
3272
OS
Fedoraproject
1
OS
Redhat
6
OS
Debian
1
OS
Netapp
3
Hardware
Netapp
3

Common Weakness Enumeration (CWE)

References