Exploitation of CVE-2024-26581 could allow sensitive information disclosure, privilege escalation, or arbitrary code execution

Threat ID:CC-4544

Threat Severity:Medium

Published:6 September 2024 12:20 PM

Summary

Affected platforms

The following platforms are known to be affected:

Linux kernel

Threat details

Introduction

The Linux kernel contains an out-of-bounds write vulnerability CVE-2024-26581 with a CVSSv3 score of 7.8. If exploited, a local attacker could leak sensitive information, escalate privileges to root, or execute arbitrary code.

Public proof-of-concept exploit released for CVE-2024-26581

Security researchers have released a public proof-of-concept exploit for CVE-2024-26581. Exploitation is considered more likely.

Remediation advice

Affected organisations are encouraged to contact their Linux IT vendors and update the Linux kernel to version 6.8-rc4 or higher.

Definitive source of threat updates

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/net/netfilter?id=60c0c230c6f046da536d3df8b39a20b9a9fd6af0

https://nvd.nist.gov/vuln/detail/CVE-2024-26581

CVE Vulnerabilities

StatusPublished

CVE-2024-26581In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active.

Last edited: 6 September 2024 12:20 pm