Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow.

INFO

Published Date :

2024-05-17T11:40:17.992Z

Last Modified :

2025-05-04T09:04:21.899Z

Source :

Linux
AFFECTED PRODUCTS

The following products are affected by CVE-2024-27403 vulnerability.

Vendors Products
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Rhel E4s
  • Rhel Eus
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-27403.

URL Resource
https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4 cve-icon cve-icon
https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c cve-icon cve-icon
https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148 cve-icon cve-icon
https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae cve-icon cve-icon
https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3 cve-icon cve-icon
https://lore.kernel.org/linux-cve-announce/2024051738-CVE-2024-27403-c4ba@gregkh/T cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-27403 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-27403 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact