CVE-2024-42269

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2024-42269
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42269.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-42269
Downstream
Related
Published
2024-08-17T08:54:24.267Z
Modified
2026-05-18T05:56:07.443395132Z
Summary
netfilter: iptables: Fix potential null-ptr-deref in ip6table_nat_table_init().
Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: iptables: Fix potential null-ptr-deref in ip6tablenattable_init().

ip6tablenattableinit() accesses net->gen->ptr[ip6tablenatnetops.id], but the function is exposed to user space before the entry is allocated via registerpernetsubsys().

Let's call registerpernetsubsys() before xtregistertemplate().

Database specific 
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/42xxx/CVE-2024-42269.json",
    "cna_assigner": "Linux"
}
References

Affected packages

Git / git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git

Affected ranges

Type
GIT
Repo
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
Events
Introduced
fdacd57c79b79a03c7ca88f706ad9fb7b46831c1
Fixed
419ee6274c5153b89c4393c1946faa4c3cad4f9e
Fixed
91b6df6611b7edb28676c4f63f90c56c30d3e601
Fixed
e85b9b6a87be4cb3710082038b677e97f2389003
Fixed
87dba44e9471b79b255d0736858a897332db9226
Fixed
c22921df777de5606f1047b1345b8d22ef1c0b34

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42269.json"

Linux / Kernel

Package

Name
Kernel

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.15.0
Fixed
5.15.165
Type
ECOSYSTEM
Events
Introduced
5.16.0
Fixed
6.1.104
Type
ECOSYSTEM
Events
Introduced
6.2.0
Fixed
6.6.45
Type
ECOSYSTEM
Events
Introduced
6.7.0
Fixed
6.10.4

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-42269.json"