medium
5.5
Advisory Published
CVE Published
Updated

CVE-2024-26808: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain

First published: Thu Apr 04 2024(Updated: )

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_chain_filter: handle NETDEV_UNREGISTER for inet/ingress basechain Remove netdevice from inet/ingress basechain in case NETDEV_UNREGISTER event is reported, otherwise a stale reference to netdevice remains in the hook list.

Credit: 416baaa9-dc9f-4396-8d5f-8c081fb06d67 416baaa9-dc9f-4396-8d5f-8c081fb06d67

Affected SoftwareAffected VersionHow to fix
redhat/kernel<5.10.210
5.10.210
redhat/kernel<5.15.149
5.15.149
redhat/kernel<6.1.76
6.1.76
redhat/kernel<6.6.15
6.6.15
redhat/kernel<6.7.3
6.7.3
redhat/kernel<6.8
6.8
Linux Kernel>=5.10<5.10.210
Linux Kernel>=5.11<5.15.149
Linux Kernel>=5.16<=6.1.76
Linux Kernel>=6.2<6.6.15
Linux Kernel>=6.7<6.7.3
Linux Kernel=6.8-rc1
Debian Linux=10.0
debian/linux
5.10.223-1
5.10.234-1
6.1.129-1
6.1.135-1
6.12.25-1
6.12.27-1

Remedy

https://git.kernel.org/stable/c/01acb2e8666a6529697141a6017edbf206921913

Remedy

https://git.kernel.org/stable/c/36a0a80f32209238469deb481967d777a3d539ee

Remedy

https://git.kernel.org/stable/c/70f17b48c86622217a58d5099d29242fc9adac58

Remedy

https://git.kernel.org/stable/c/9489e214ea8f2a90345516016aa51f2db3a8cc2f

Remedy

https://git.kernel.org/stable/c/af149a46890e8285d1618bd68b8d159bdb87fdb3

Remedy

https://git.kernel.org/stable/c/e5888acbf1a3d8d021990ce6c6061fd5b2bb21b4

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2024-26808?

    CVE-2024-26808 has been classified with a severity rating of medium.

  • How do I fix CVE-2024-26808?

    To fix CVE-2024-26808, update the kernel to one of the patched versions listed in your distribution's advisory.

  • Which Linux kernel versions are affected by CVE-2024-26808?

    CVE-2024-26808 affects multiple kernel versions including those before 5.10.210, 5.15.149, 6.1.76, and others as listed in the vulnerability report.

  • What impact does CVE-2024-26808 have on system security?

    CVE-2024-26808 may allow an attacker to exploit the stale reference to netdevice in the ingress basechain, potentially compromising network functionalities.

  • Is there a workaround for CVE-2024-26808?

    There are no recommended workarounds for CVE-2024-26808, and it is best mitigated by applying available patches.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203