We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2024-27020

netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()



Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get() nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry. Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.

Reserved 2024-02-19 | Published 2024-05-01 | Updated 2025-05-04 | Assigner Linux

Product status

Default status
unaffected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before 939109c0a8e2a006a6cc8209e262d25065f4403a
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before b38a133d37fa421c8447b383d788c9cc6f5cb34c
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before 934e66e231cff2b18faa2c8aad0b8cec13957e05
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before 0b6de00206adbbfc6373b3ae38d2a6f197987907
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before 8d56bad42ac4c43c6c72ddd6a654a2628bf839c5
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before a9ebf340d123ae12582210407f879d6a5a1bc25b
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before 01f1a678b05ade4b1248019c2dcca773aebbeb7f
affected

ef1f7df9170dbd875ce198ba84e6ab80f6fc139e before f969eb84ce482331a991079ab7a5c4dc3b7f89bf
affected

Default status
affected

3.13
affected

Any version before 3.13
unaffected

4.19.313
unaffected

5.4.275
unaffected

5.10.216
unaffected

5.15.157
unaffected

6.1.88
unaffected

6.6.29
unaffected

6.8.8
unaffected

6.9
unaffected

References

git.kernel.org/...c/939109c0a8e2a006a6cc8209e262d25065f4403a

git.kernel.org/...c/b38a133d37fa421c8447b383d788c9cc6f5cb34c

git.kernel.org/...c/934e66e231cff2b18faa2c8aad0b8cec13957e05

git.kernel.org/...c/0b6de00206adbbfc6373b3ae38d2a6f197987907

git.kernel.org/...c/8d56bad42ac4c43c6c72ddd6a654a2628bf839c5

git.kernel.org/...c/a9ebf340d123ae12582210407f879d6a5a1bc25b

git.kernel.org/...c/01f1a678b05ade4b1248019c2dcca773aebbeb7f

git.kernel.org/...c/f969eb84ce482331a991079ab7a5c4dc3b7f89bf

cve.org (CVE-2024-27020)

nvd.nist.gov (CVE-2024-27020)

Download JSON

Share this page
https://cve.threatint.eu/CVE/CVE-2024-27020

Support options

Helpdesk Chat, Email, Knowledgebase
© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.