CVE-2024-53141

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-53141

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-53141.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-53141

Downstream

BELL-CVE-2024-53141

DEBIAN-CVE-2024-53141

DLA-4075-1

DLA-4076-1

OESA-2025-1034

OESA-2025-1158

OESA-2025-1162

OESA-2025-1286

RHSA-2025:6966

RHSA-2025:7526

RHSA-2025:7531

RHSA-2025:7532

RHSA-2025:7533

RHSA-2025:7534

RHSA-2025:7652

RHSA-2025:7675

RHSA-2025:7682

RHSA-2025:7732

RHSA-2025:7896

RHSA-2025:7897

RHSA-2025:7898

RHSA-2025:7899

RHSA-2025:7901

RHSA-2025:7902

RHSA-2025:8342

RHSA-2025:8343

RHSA-2025:8344

RHSA-2025:8345

RHSA-2025:8346

RHSA-2025:8347

RHSA-2025:8348

SUSE-SU-2025:0117-1

SUSE-SU-2025:0153-1

SUSE-SU-2025:0154-1

SUSE-SU-2025:02099-1

SUSE-SU-2025:02264-1

SUSE-SU-2025:02308-1

SUSE-SU-2025:0236-1

SUSE-SU-2025:02537-1

SUSE-SU-2025:0289-1

SUSE-SU-2025:0556-1

SUSE-SU-2025:0577-1

SUSE-SU-2025:0577-2

Related

Published

2024-12-06T10:15:06Z

Modified

2025-08-09T20:01:25Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: add missing range check in bitmapipuadt

When tb[IPSETATTRIPTO] is not present but tb[IPSETATTRCIDR] exists, the values of ip and ipto are slightly swapped. Therefore, the range check for ip should be done later, but this part is missing and it seems that the vulnerability occurs.

So we should add missing range checks and remove unnecessary range checks.

References

Affected packages