CVE-2024-53141
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-53141
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53141.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-53141
- Downstream
- Related
- Published
- 2024-12-06T09:37:02.009Z
- Modified
- 2025-11-28T02:35:47.972903Z
- Summary
- netfilter: ipset: add missing range check in bitmap_ip_uadt
- Details
-
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ipset: add missing range check in bitmapipuadt
When tb[IPSETATTRIPTO] is not present but tb[IPSETATTRCIDR] exists, the values of ip and ipto are slightly swapped. Therefore, the range check for ip should be done later, but this part is missing and it seems that the vulnerability occurs.
So we should add missing range checks and remove unnecessary range checks.
- Database specific
{ "cna_assigner": "Linux", "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53141.json" }- References
-
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- https://git.kernel.org/stable/c/15794835378ed56fb9bacc6a5dd3b9f33520604e
- https://git.kernel.org/stable/c/2e151b8ca31607d14fddc4ad0f14da0893e1a7c7
- https://git.kernel.org/stable/c/35f56c554eb1b56b77b3cf197a6b00922d49033d
- https://git.kernel.org/stable/c/3c20b5948f119ae61ee35ad8584d666020c91581
- https://git.kernel.org/stable/c/591efa494a1cf649f50a35def649c43ae984cd03
- https://git.kernel.org/stable/c/78b0f2028f1043227a8eb0c41944027fc6a04596
- https://git.kernel.org/stable/c/7ffef5e5d5eeecd9687204a5ec2d863752aafb7e
- https://git.kernel.org/stable/c/856023ef032d824309abd5c747241dffa33aae8c
- https://git.kernel.org/stable/c/e67471437ae9083fa73fa67eee1573fec1b7c8cf
- https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/53xxx/CVE-2024-53141.json
- https://lists.debian.org/debian-lts-announce/2025/03/msg00001.html
- https://lists.debian.org/debian-lts-announce/2025/03/msg00002.html
- https://nvd.nist.gov/vuln/detail/CVE-2024-53141
Affected packages
Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Affected ranges
- Type
- GIT
- Repo
- https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
- Events
-
Introduced72205fc68bd13109576aa6c4c12c740962d28a6cFixed3c20b5948f119ae61ee35ad8584d666020c91581Fixed78b0f2028f1043227a8eb0c41944027fc6a04596Fixed2e151b8ca31607d14fddc4ad0f14da0893e1a7c7Fixede67471437ae9083fa73fa67eee1573fec1b7c8cfFixed7ffef5e5d5eeecd9687204a5ec2d863752aafb7eFixed856023ef032d824309abd5c747241dffa33aae8cFixed591efa494a1cf649f50a35def649c43ae984cd03Fixed15794835378ed56fb9bacc6a5dd3b9f33520604eFixed35f56c554eb1b56b77b3cf197a6b00922d49033d
Linux / Kernel
Package
- Name
- Kernel
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced2.6.39Fixed4.19.325
- Type
- ECOSYSTEM
- Events
-
Introduced4.20.0Fixed5.4.287
- Type
- ECOSYSTEM
- Events
-
Introduced5.5.0Fixed5.10.231
- Type
- ECOSYSTEM
- Events
-
Introduced5.11.0Fixed5.15.174
- Type
- ECOSYSTEM
- Events
-
Introduced5.16.0Fixed6.1.120
- Type
- ECOSYSTEM
- Events
-
Introduced6.2.0Fixed6.6.64
- Type
- ECOSYSTEM
- Events
-
Introduced6.7.0Fixed6.11.11
- Type
- ECOSYSTEM
- Events
-
Introduced6.12.0Fixed6.12.2