CVE-2024-42070

Published: Jul 29, 2024Modified: May 12, 2026

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fully validate NFT_DATA_VALUE on store to data registers register store validation for NFT_DATA_VALUE is conditional, however, the datatype is always either NFT_DATA_VALUE or NFT_DATA_VERDICT. This only requires a new helper function to infer the register type from the set datatype so this conditional check can be removed. Otherwise, pointer to chain object can be leaked through the registers.

Affected (8)

Products: Linux: Linux Kernel

1 product

Configuration A

8 vulnerable

Vulnerable Software	Affected Versions
Linux Linux Kernel	Before 3.13
Linux Linux Kernel	From 3.14 to 4.19.317
Linux Linux Kernel	From 4.20 to 5.4.279
Linux Linux Kernel	From 5.11 to 5.15.162
Linux Linux Kernel	From 5.16 to 6.1.97
Linux Linux Kernel	From 5.5 to 5.10.221
Linux Linux Kernel	From 6.2 to 6.6.37
Linux Linux Kernel	From 6.7 to 6.9.8

Related CWEs

Missing Release of Memory after Effective Lifetime

The product does not sufficiently track and release allocated memory after it has been used, which slowly consumes remaining memory.

References (20)

https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa1c2980f

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/7931d32955e09d0a11b1fe0b6aac1bfa061c005c

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007

Source: 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Patch

https://git.kernel.org/stable/c/23752737c6a618e994f9a310ec2568881a6b49c4

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/40188a25a9847dbeb7ec67517174a835a677752f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/41a6375d48deaf7f730304b5153848bfa1c2980f

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/461302e07f49687ffe7d105fa0a330c07c7646d8

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/5d43d789b57943720dca4181a05f6477362b94cf

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/7931d32955e09d0a11b1fe0b6aac1bfa061c005c

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/952bf8df222599baadbd4f838a49c4fef81d2564

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://git.kernel.org/stable/c/efb27ad05949403848f487823b597ed67060e007

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html

Source: af854a3a-2127-422b-91ae-364da2661108

https://cert-portal.siemens.com/productcert/html/ssa-265688.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

https://cert-portal.siemens.com/productcert/html/ssa-398330.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

https://cert-portal.siemens.com/productcert/html/ssa-613116.html

Source: 0b142b55-0307-4c5a-b3c9-f314f3fb7c5e

Timeline

No history available yet.