CVE-2024-27019
Published: May 1, 2024
Modified: May 11, 2026
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_obj_type_get() nft_unregister_obj() can concurrent with __nft_obj_type_get(), and there is not any protection when iterate over nf_tables_objects list in __nft_obj_type_get(). Therefore, there is potential data-race of nf_tables_objects list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_objects list in __nft_obj_type_get(), and use rcu_read_lock() in the caller nft_obj_type_get() to protect the entire type query process.
| Vendor | Product | Versions |
|---|---|---|
Linux | Linux | affected e50092404c1bc7aaeb0a0f4077fa6f07b073a20f - < cade34279c2249eafe528564bd2e203e4ff15f88affected e50092404c1bc7aaeb0a0f4077fa6f07b073a20f - < 379bf7257bc5f2a1b1ca8514e08a871b7bf6d920affected e50092404c1bc7aaeb0a0f4077fa6f07b073a20f - < df7c0fb8c2b9f9cac65659332581b19682a71349affected e50092404c1bc7aaeb0a0f4077fa6f07b073a20f - < ad333578f736d56920e090d7db1f8dec891d815eaffected e50092404c1bc7aaeb0a0f4077fa6f07b073a20f - < 4ca946b19caf655a08d5e2266d4d5526025ebb73+1 more versions |
Linux | Linux | affected 4.10unaffected 0 - < 4.10unaffected 5.10.219 - <= 5.10.*unaffected 5.15.157 - <= 5.15.*unaffected 6.1.88 - <= 6.1.*+3 more versions |
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now