CVE-2024-26668

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-26668

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26668.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-26668

Downstream

BELL-CVE-2024-26668

DEBIAN-CVE-2024-26668

OESA-2024-1617

OESA-2024-1618

OESA-2024-1620

OESA-2024-1621

OESA-2024-1622

OESA-2024-1647

RHSA-2024:4823

RHSA-2024:4831

RHSA-2024:5928

ROOT-OS-DEBIAN-11-CVE-2024-26668

SUSE-SU-2024:3189-1

SUSE-SU-2024:3190-1

SUSE-SU-2024:3194-1

SUSE-SU-2024:3195-1

SUSE-SU-2024:3209-1

SUSE-SU-2024:3251-1

SUSE-SU-2024:3252-1

SUSE-SU-2024:3383-1

SUSE-SU-2024:3483-1

SUSE-SU-2025:20044-1

SUSE-SU-2025:20047-1

Related

Published

2024-04-02T06:43:29.690Z

Modified

2026-05-15T11:54:11.331265191Z

Summary

netfilter: nft_limit: reject configurations that cause integer overflow

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nft_limit: reject configurations that cause integer overflow

Reject bogus configs where internal token counter wraps around. This only occurs with very very large requests, such as 17gbyte/s.

Its better to reject this rather than having incorrect ratelimit.

Database specific

{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26668.json",
    "cna_assigner": "Linux"
}

References

Affected packages

Linux / Kernel

Package

Name: Kernel

Affected ranges

Type: ECOSYSTEM
Events: Introduced

4.3.0

Fixed

5.15.149

Type: ECOSYSTEM
Events: Introduced

5.16.0

Fixed

6.1.76

Type: ECOSYSTEM
Events: Introduced

6.2.0

Fixed

6.6.15

Type: ECOSYSTEM
Events: Introduced

6.7.0

Fixed

6.7.3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-26668.json"