CVE-2024-35897 - Vulnerability Details

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: discard table flag update with pending basechain deletion Hook unregistration is deferred to the commit phase, same occurs with hook updates triggered by the table dormant flag. When both commands are combined, this results in deleting a basechain while leaving its hook still registered in the core.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Redhat	Enterprise Linux Rhel E4s Rhel Eus

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10	cpe:/a:redhat:enterprise_linux:8::nfv	RHSA-2024:5102	2024-08-08T00:00:00Z
kernel-0:4.18.0-553.16.1.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2024:5101	2024-08-08T00:00:00Z
Red Hat Enterprise Linux 9
kernel-0:5.14.0-427.33.1.el9_4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:5928	2024-08-28T00:00:00Z
kernel-0:5.14.0-427.33.1.el9_4	cpe:/o:redhat:enterprise_linux:9	RHSA-2024:5928	2024-08-28T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
kernel-0:5.14.0-70.112.1.el9_0	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:5257	2024-08-13T00:00:00Z
kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0	cpe:/a:redhat:rhel_e4s:9.0::nfv	RHSA-2024:5256	2024-08-13T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
kernel-0:5.14.0-284.75.1.el9_2	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:4823	2024-07-24T00:00:00Z
kernel-rt-0:5.14.0-284.75.1.rt14.360.el9_2	cpe:/a:redhat:rhel_eus:9.2::nfv	RHSA-2024:4831	2024-07-24T00:00:00Z

References

Link	Providers
https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518
https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4
https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb
https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927
https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827
https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78
https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362
https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc
https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html
https://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T
https://nvd.nist.gov/vuln/detail/CVE-2024-35897
https://www.cve.org/CVERecord?id=CVE-2024-35897

History

Thu, 19 Dec 2024 10:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 18:30:00 +0000

Type	Values Removed	Values Added
Metrics	ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 11 Sep 2024 13:30:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 28 Aug 2024 23:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9

Tue, 13 Aug 2024 23:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_e4s:9.0

Tue, 13 Aug 2024 06:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel E4s
CPEs		cpe:/a:redhat:rhel_e4s:9.0::nfv
Vendors & Products		Redhat rhel E4s

Thu, 08 Aug 2024 19:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat enterprise Linux
CPEs		cpe:/a:redhat:enterprise_linux:8::nfv cpe:/o:redhat:enterprise_linux:8
Vendors & Products		Redhat enterprise Linux

MITRE

Status: PUBLISHED

Assigner: Linux

Published: 2024-05-19T08:34:51.799Z

Updated: 2025-05-04T09:07:53.215Z

Reserved: 2024-05-17T13:50:33.114Z

Link: CVE-2024-35897

Vulnrichment

Updated: 2024-08-02T03:21:48.782Z

NVD

Status : Awaiting Analysis

Published: 2024-05-19T09:15:10.640

Modified: 2024-11-21T09:21:09.183

Link: CVE-2024-35897

Redhat

Severity : Moderate

Publid Date: 2024-05-19T00:00:00Z

Links: CVE-2024-35897 - Bugzilla

{"dataType": "CVE_RECORD", "cveMetadata": {"cveId": "CVE-2024-35897", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "state": "PUBLISHED", "assignerShortName": "Linux", "dateReserved": "2024-05-17T13:50:33.114Z", "datePublished": "2024-05-19T08:34:51.799Z", "dateUpdated": "2025-05-04T09:07:53.215Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:07:53.215Z"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core."}], "affected": [{"product": "Linux", "vendor": "Linux", "defaultStatus": "unaffected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "bf8083bbf8fa202e6e5316bbd99759ab82bfe7a3", "lessThan": "e75faf01e22ec7dc671640fa0e0968964fafd2fc", "status": "affected", "versionType": "git"}, {"version": "e10f661adc556c4969c70ddaddf238bffdaf1e87", "lessThan": "9a3b90904d8a072287480eed4c3ece4b99d64f78", "status": "affected", "versionType": "git"}, {"version": "d9c4da8cb74e8ee6e58a064a3573aa37acf6c935", "lessThan": "b58d0ac35f6d75ec1db8650a29dfd6f292c11362", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "6cbbe1ba76ee7e674a86abd43009b083a45838cb", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "9627fd0c6ea1c446741a33e67bc5709c59923827", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "7f609f630951b624348373cef99991ce08831927", "status": "affected", "versionType": "git"}, {"version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "1bc83a019bbe268be3526406245ec28c2458a518", "status": "affected", "versionType": "git"}]}, {"product": "Linux", "vendor": "Linux", "defaultStatus": "affected", "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "programFiles": ["net/netfilter/nf_tables_api.c"], "versions": [{"version": "5.13", "status": "affected"}, {"version": "0", "lessThan": "5.13", "status": "unaffected", "versionType": "semver"}, {"version": "5.4.274", "lessThanOrEqual": "5.4.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.10.215", "lessThanOrEqual": "5.10.*", "status": "unaffected", "versionType": "semver"}, {"version": "5.15.155", "lessThanOrEqual": "5.15.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.1.86", "lessThanOrEqual": "6.1.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.6.26", "lessThanOrEqual": "6.6.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.8.5", "lessThanOrEqual": "6.8.*", "status": "unaffected", "versionType": "semver"}, {"version": "6.9", "lessThanOrEqual": "*", "status": "unaffected", "versionType": "original_commit_for_fix"}]}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.262", "versionEndExcluding": "5.4.274"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.10.202", "versionEndExcluding": "5.10.215"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "5.15.155"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.1.86"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.6.26"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.8.5"}, {"vulnerable": true, "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.13", "versionEndExcluding": "6.9"}]}]}], "references": [{"url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc"}, {"url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78"}, {"url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362"}, {"url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb"}, {"url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4"}, {"url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827"}, {"url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927"}, {"url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518"}], "title": "netfilter: nf_tables: discard table flag update with pending basechain deletion", "x_generator": {"engine": "bippy-1.2.0"}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:48.782Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}]}, {"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35897", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:41:11.412085Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T17:33:16.369Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518", "tags": ["x_transferred"]}, {"url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T03:21:48.782Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-35897", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-09-10T15:41:11.412085Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-11T12:42:15.850Z"}}], "cna": {"title": "netfilter: nf_tables: discard table flag update with pending basechain deletion", "affected": [{"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "bf8083bbf8fa202e6e5316bbd99759ab82bfe7a3", "lessThan": "e75faf01e22ec7dc671640fa0e0968964fafd2fc", "versionType": "git"}, {"status": "affected", "version": "e10f661adc556c4969c70ddaddf238bffdaf1e87", "lessThan": "9a3b90904d8a072287480eed4c3ece4b99d64f78", "versionType": "git"}, {"status": "affected", "version": "d9c4da8cb74e8ee6e58a064a3573aa37acf6c935", "lessThan": "b58d0ac35f6d75ec1db8650a29dfd6f292c11362", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "6cbbe1ba76ee7e674a86abd43009b083a45838cb", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "9627fd0c6ea1c446741a33e67bc5709c59923827", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "7f609f630951b624348373cef99991ce08831927", "versionType": "git"}, {"status": "affected", "version": "179d9ba5559a756f4322583388b3213fe4e391b0", "lessThan": "1bc83a019bbe268be3526406245ec28c2458a518", "versionType": "git"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "unaffected"}, {"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git", "vendor": "Linux", "product": "Linux", "versions": [{"status": "affected", "version": "5.13"}, {"status": "unaffected", "version": "0", "lessThan": "5.13", "versionType": "semver"}, {"status": "unaffected", "version": "5.4.274", "versionType": "semver", "lessThanOrEqual": "5.4.*"}, {"status": "unaffected", "version": "5.10.215", "versionType": "semver", "lessThanOrEqual": "5.10.*"}, {"status": "unaffected", "version": "5.15.155", "versionType": "semver", "lessThanOrEqual": "5.15.*"}, {"status": "unaffected", "version": "6.1.86", "versionType": "semver", "lessThanOrEqual": "6.1.*"}, {"status": "unaffected", "version": "6.6.26", "versionType": "semver", "lessThanOrEqual": "6.6.*"}, {"status": "unaffected", "version": "6.8.5", "versionType": "semver", "lessThanOrEqual": "6.8.*"}, {"status": "unaffected", "version": "6.9", "versionType": "original_commit_for_fix", "lessThanOrEqual": "*"}], "programFiles": ["net/netfilter/nf_tables_api.c"], "defaultStatus": "affected"}], "references": [{"url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc"}, {"url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78"}, {"url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362"}, {"url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb"}, {"url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4"}, {"url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827"}, {"url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927"}, {"url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518"}], "x_generator": {"engine": "bippy-1.2.0"}, "descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core."}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.274", "versionStartIncluding": "5.4.262"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.10.215", "versionStartIncluding": "5.10.202"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.15.155", "versionStartIncluding": "5.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.1.86", "versionStartIncluding": "5.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.6.26", "versionStartIncluding": "5.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.8.5", "versionStartIncluding": "5.13"}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "6.9", "versionStartIncluding": "5.13"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "shortName": "Linux", "dateUpdated": "2025-05-04T09:07:53.215Z"}}}, "cveMetadata": {"cveId": "CVE-2024-35897", "state": "PUBLISHED", "dateUpdated": "2025-05-04T09:07:53.215Z", "dateReserved": "2024-05-17T13:50:33.114Z", "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "datePublished": "2024-05-19T08:34:51.799Z", "assignerShortName": "Linux"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\n\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core."}, {"lang": "es", "value": " En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nf_tables: descartar actualizaci\u00f3n del indicador de tabla con eliminaci\u00f3n pendiente de la cadena base. La cancelaci\u00f3n del registro del gancho se difiere hasta la fase de confirmaci\u00f3n; lo mismo ocurre con las actualizaciones del gancho activadas por el indicador inactivo de la tabla. Cuando se combinan ambos comandos, esto da como resultado la eliminaci\u00f3n de una cadena base y deja su gancho a\u00fan registrado en el n\u00facleo."}], "id": "CVE-2024-35897", "lastModified": "2024-11-21T09:21:09.183", "metrics": {}, "published": "2024-05-19T09:15:10.640", "references": [{"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362"}, {"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/1bc83a019bbe268be3526406245ec28c2458a518"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/2aeb805a1bcd5f27c8c0d1a9d4d653f16d1506f4"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/6cbbe1ba76ee7e674a86abd43009b083a45838cb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/7f609f630951b624348373cef99991ce08831927"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/9627fd0c6ea1c446741a33e67bc5709c59923827"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/9a3b90904d8a072287480eed4c3ece4b99d64f78"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/b58d0ac35f6d75ec1db8650a29dfd6f292c11362"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://git.kernel.org/stable/c/e75faf01e22ec7dc671640fa0e0968964fafd2fc"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"}], "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67", "vulnStatus": "Awaiting Analysis"}

{"affected_release": [{"advisory": "RHSA-2024:5102", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5101", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-553.16.1.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2024-08-08T00:00:00Z"}, {"advisory": "RHSA-2024:5928", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.33.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-28T00:00:00Z"}, {"advisory": "RHSA-2024:5928", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "kernel-0:5.14.0-427.33.1.el9_4", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2024-08-28T00:00:00Z"}, {"advisory": "RHSA-2024:5257", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "kernel-0:5.14.0-70.112.1.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:5256", "cpe": "cpe:/a:redhat:rhel_e4s:9.0::nfv", "package": "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2024-08-13T00:00:00Z"}, {"advisory": "RHSA-2024:4823", "cpe": "cpe:/a:redhat:rhel_eus:9.2", "package": "kernel-0:5.14.0-284.75.1.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-24T00:00:00Z"}, {"advisory": "RHSA-2024:4831", "cpe": "cpe:/a:redhat:rhel_eus:9.2::nfv", "package": "kernel-rt-0:5.14.0-284.75.1.rt14.360.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date": "2024-07-24T00:00:00Z"}], "bugzilla": {"description": "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion", "id": "2281672", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2281672"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "details": ["In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core."], "name": "CVE-2024-35897", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2024-05-19T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-35897\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35897\nhttps://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T"], "threat_severity": "Moderate"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object