CVE-2024-26925

Published: Apr 25, 2024Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release mutex after nft_gc_seq_end from abort path The commit mutex should not be released during the critical section between nft_gc_seq_begin() and nft_gc_seq_end(), otherwise, async GC worker could collect expired objects and get the released commit lock within the same GC sequence. nf_tables_module_autoload() temporarily releases the mutex to load module dependencies, then it goes back to replay the transaction again. Move it at the end of the abort phase after nft_gc_seq_end() is called.

Affected (12)

Products: Linux: Linux Kernel · Debian: Debian Linux

1 product

1 product

Configuration A

11 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	From 4.19.316 to 4.20
Linux Linux Kernel	From 5.10.198 to 5.10.215
Linux Linux Kernel	From 5.15.134 to 5.15.155
Linux Linux Kernel	From 5.4.262 to 5.4.274
Linux Linux Kernel	From 6.1.56 to 6.1.86
Linux Linux Kernel	From 6.4.13 to 6.5
Linux Linux Kernel	From 6.5.1 to 6.6.26
Linux Linux Kernel	From 6.7 to 6.8.5
Linux Linux Kernel	Version 6.5
Linux Linux Kernel	Version 6.9 rc1
Linux Linux Kernel	Version 6.9 rc2

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Related CWEs

Improper Locking

The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.

References (17)

https://git.kernel.org/stable/c/0d459e2ffb541841714839e8228b845458ed3b27

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/2cee2ff7f8cce12a63a0a23ffe27f08d99541494

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/61ac7284346c32f9a8c8ceac56102f7914060428

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8038ee3c3e5b59bcd78467686db5270c68544e30

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/8d3a58af50e46167b6f1db47adadad03c0045dae

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/a34ba4bdeec0c3b629160497594908dc820110f1

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/eb769ff4e281f751adcaf4f4445cbf30817be139

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/0d459e2ffb541841714839e8228b845458ed3b27

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/2cee2ff7f8cce12a63a0a23ffe27f08d99541494

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/61ac7284346c32f9a8c8ceac56102f7914060428

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/8038ee3c3e5b59bcd78467686db5270c68544e30

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/8d3a58af50e46167b6f1db47adadad03c0045dae

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/a34ba4bdeec0c3b629160497594908dc820110f1

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/eb769ff4e281f751adcaf4f4445cbf30817be139

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

https://cert-portal.siemens.com/productcert/html/ssa-354112.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.