CVE-2024-26849
Published: Apr 17, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netlink: add nla be16/32 types to minlen array BUG: KMSAN: uninit-value in nla_validate_range_unsigned lib/nlattr.c:222 [inline] BUG: KMSAN: uninit-value in nla_validate_int_range lib/nlattr.c:336 [inline] BUG: KMSAN: uninit-value in validate_nla lib/nlattr.c:575 [inline] BUG: KMSAN: uninit-value in __nla_validate_parse+0x2e20/0x45c0 lib/nlattr.c:631 nla_validate_range_unsigned lib/nlattr.c:222 [inline] nla_validate_int_range lib/nlattr.c:336 [inline] validate_nla lib/nlattr.c:575 [inline] ... The message in question matches this policy: [NFTA_TARGET_REV] = NLA_POLICY_MAX(NLA_BE32, 255), but because NLA_BE32 size in minlen array is 0, the validation code will read past the malformed (too small) attribute. Note: Other attributes, e.g. BITFIELD32, SINT, UINT.. are also missing: those likely should be added too.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 24ea1c8abaae6541ad95912422a9af4fb858428d - < 000a68159c0326b46c42ec712ab98793e7e625a7affected cbfac0add2afe8960a09806012313765a2179423 - < 80b40f9cb87f3bf5877dfb852765cf92bc03ca77affected ecaf75ffd5f5db320d8b1da0198eef5a5ce64a3f - < 0ac219c4c3ab253f3981f346903458d20bacab32affected ecaf75ffd5f5db320d8b1da0198eef5a5ce64a3f - < a2ab028151841cd833cb53eb99427e0cc990112daffected ecaf75ffd5f5db320d8b1da0198eef5a5ce64a3f - < 7a9d14c63b35f89563c5ecbadf918ad64979712d+1 more versions |
Linux | Linux | affected 6.1unaffected 0 - < 6.1unaffected 6.1.81 - <= 6.1.*unaffected 6.6.21 - <= 6.6.*unaffected 6.7.9 - <= 6.7.*+1 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now