CVE-2024-35898

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-35898
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-35898.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-35898
Downstream
Related
Published
2024-05-19T08:34:52.519Z
Modified
2025-11-27T02:33:16.953429Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
netfilter: nf_tables: Fix potential data-race in __nft_flowtable_type_get()
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nftables: Fix potential data-race in _nftflowtabletype_get()

nftunregisterflowtabletype() within nfflowinetmoduleexit() can concurrent with _nftflowtabletypeget() within nftablesnewflowtable(). And thhere is not any protection when iterate over nftablesflowtables list in _nftflowtabletypeget(). Therefore, there is pertential data-race of nftables_flowtables list entry.

Use listforeachentryrcu() to iterate over nftablesflowtables list in _nftflowtabletypeget(), and use rcureadlock() in the caller nftflowtabletype_get() to protect the entire type query process.

Database specific 
{
    "cna_assigner": "Linux",
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/blob/cc431b3424123d84bcd7afd4de150b33f117a8ef/cves/2024/35xxx/CVE-2024-35898.json"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
69d1fe14a680042ec913f22196b58e2c8ff1b007
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
a347bc8e6251eaee4b619da28020641eb5b0dd77
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
940d41caa71f0d3a52df2fde5fada524a993e331
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
2485bcfe05ee3cf9ca8923a94fa2e456924c79c8
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
9b5b7708ec2be21dd7ef8ca0e3abe4ae9f3b083b
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
8b891153b2e4dc0ca9d9dab8f619d49c740813df
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
e684b1674fd1ca4361812a491242ae871d6b2859
Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
3b49e2e94e6ebb8b23d0955d9e898254455734f8
Fixed
24225011d81b471acc0e1e315b7d9905459a6304

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
4.16.0
Fixed
4.19.312
Type
ECOSYSTEM
Events
Introduced
4.20.0
Fixed
5.4.274
Type
ECOSYSTEM
Events
Introduced
5.5.0
Fixed
5.10.215
Type
ECOSYSTEM
Events
Introduced
5.11.0
Fixed
5.15.154
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.85
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.26
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.8.5