Description

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb If we're redirecting the skb, and haven't called tcf_mirred_forward(), yet, we need to tell the core to drop the skb by setting the retcode to SHOT. If we have called tcf_mirred_forward(), however, the skb is out of our hands and returning SHOT will lead to UaF. Move the retval override to the error path which actually need it.

INFO

Published Date :

2024-04-03T17:00:24.879Z

Last Modified :

2025-11-03T19:29:31.734Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-26739 vulnerability.

Vendors Products
Debian
  • Debian Linux
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Rhel Eus

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact