CVE-2024-39504

Published: Jul 12, 2024

Modified: May 11, 2026

PUBLISHED

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: validate mandatory meta and payload Check for mandatory netlink attributes in payload and meta expression when used embedded from the inner expression, otherwise NULL pointer dereference is possible from userspace.

Vendor	Product	Versions
Linux	Linux	affected `3a07327d10a09379315c844c63f27941f5081e0a - < b30669fdea0ca03aa22995e6c99f7e7d9dee89ff` affected `3a07327d10a09379315c844c63f27941f5081e0a - < 39323f54cad29602917848346c71b087da92a19d` affected `3a07327d10a09379315c844c63f27941f5081e0a - < c4ab9da85b9df3692f861512fe6c9812f38b7471`
Linux	Linux	affected `6.2` unaffected `0 - < 6.2` unaffected `6.6.35 - <= 6.6.` unaffected `6.9.6 - <= 6.9.` unaffected `6.10 - <= *`

References

https://git.kernel.org/stable/c/b30669fdea0ca03aa22995e6c99f7e7d9dee89ff

https://git.kernel.org/stable/c/39323f54cad29602917848346c71b087da92a19d

https://git.kernel.org/stable/c/c4ab9da85b9df3692f861512fe6c9812f38b7471

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-39504

Description

Affected Products

References