CVE-2024-26739
Published: Apr 3, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcode to SHOT. If we have called tcf_mirred_forward(), however, the skb is out of our hands and returning SHOT will lead to UaF. Move the retval override to the error path which actually need it.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e5cf1baf92cb785b90390db1c624948e70c8b8bd - < 0117fe0a4615a7c8d30d6ebcbf87332fbe63e6fdaffected e5cf1baf92cb785b90390db1c624948e70c8b8bd - < 9d3ef89b6a5e9f2e940de2cef3d543be0be8dec5affected e5cf1baf92cb785b90390db1c624948e70c8b8bd - < e873e8f7d03a2ee5b77fb1a305c782fed98e2754affected e5cf1baf92cb785b90390db1c624948e70c8b8bd - < 28cdbbd38a4413b8eff53399b3f872fd4e80db9daffected e5cf1baf92cb785b90390db1c624948e70c8b8bd - < f4e294bbdca8ac8757db436fc82214f3882fc7e7+1 more versions |
Linux | Linux | affected 4.19unaffected 0 - < 4.19unaffected 5.10.238 - <= 5.10.*unaffected 5.15.182 - <= 5.15.*unaffected 6.1.136 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now