CVE-2024-26673

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-26673
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26673.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-26673
Downstream
Related
Published
2024-04-02T06:51:05.857Z
Modified
2025-11-28T02:35:04.709566Z
Summary
netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_ct: sanitize layer 3 and 4 protocol number in custom expectations

  • Disallow families other than NFPROTO_{IPV4,IPV6,INET}.
  • Disallow layer 4 protocol with no ports, since destination port is a mandatory attribute for this object.
Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26673.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
857b46027d6f91150797295752581b7155b9d0e1
Fixed
f549f340c91f08b938d60266e792ff7748dae483
Fixed
65ee90efc928410c6f73b3d2e0afdd762652c09d
Fixed
b775ced05489f4b77a35fe203e9aeb22f428e38f
Fixed
0f501dae16b7099e69ee9b0d5c70b8f40fd30e98
Fixed
cfe3550ea5df292c9e2d608e8c4560032391847e
Fixed
38cc1605338d99205a263707f4dde76408d3e0e8
Fixed
8059918a1377f2f1fff06af4f5a4ed3d5acd6bc4

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.3.0
Fixed
5.4.269
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.210
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.149
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.77
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.16
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.7.4