CVE-2024-26925
Published: Apr 24, 2024
Modified: May 23, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected 4b6346dc1edfb9839d6edee7360ed31a22fa6c95 - < 61ac7284346c32f9a8c8ceac56102f7914060428affected 23292bdfda5f04e704a843b8f97b0eb95ace1ca6 - < 2cee2ff7f8cce12a63a0a23ffe27f08d99541494affected b44a459c6561595ed7c3679599c5279204132b33 - < eb769ff4e281f751adcaf4f4445cbf30817be139affected 5d319f7a81431c6bb32eb4dc7d7975f99e2c8c66 - < 8d3a58af50e46167b6f1db47adadad03c0045daeaffected 720344340fb9be2765bbaab7b292ece0a4570eae - < 8038ee3c3e5b59bcd78467686db5270c68544e30+10 more versions |
Linux | Linux | affected 6.5unaffected 0 - < 6.5unaffected 5.4.274 - <= 5.4.*unaffected 5.10.215 - <= 5.10.*unaffected 5.15.155 - <= 5.15.*+4 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now