{ "threat_severity" : "Moderate", "public_date" : "2024-05-19T00:00:00Z", "bugzilla" : { "description" : "kernel: netfilter: nf_tables: discard table flag update with pending basechain deletion", "id" : "2281672", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2281672" }, "cvss3" : { "cvss3_base_score" : "5.5", "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status" : "verified" }, "details" : [ "In the Linux kernel, the following vulnerability has been resolved:\nnetfilter: nf_tables: discard table flag update with pending basechain deletion\nHook unregistration is deferred to the commit phase, same occurs with\nhook updates triggered by the table dormant flag. When both commands are\ncombined, this results in deleting a basechain while leaving its hook\nstill registered in the core.", "This CVE involves a flaw in the Linux kernel's nf_tables component, part of the Netfilter framework used for packet filtering and firewall functionalities. The vulnerability arises when a table's dormant flag is updated while there's a pending deletion of a base chain. In such cases, the unregistration of hooks is deferred until the commit phase. If both operations—updating the dormant flag and deleting the base chain—are combined, it can result in the base chain being deleted while its hook remains registered in the core system. This inconsistency may lead to unexpected behavior or potential security risks." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-08T00:00:00Z", "advisory" : "RHSA-2024:5102", "cpe" : "cpe:/a:redhat:enterprise_linux:8::nfv", "package" : "kernel-rt-0:4.18.0-553.16.1.rt7.357.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2024-08-08T00:00:00Z", "advisory" : "RHSA-2024:5101", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "kernel-0:4.18.0-553.16.1.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-08-28T00:00:00Z", "advisory" : "RHSA-2024:5928", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-427.33.1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2024-08-28T00:00:00Z", "advisory" : "RHSA-2024:5928", "cpe" : "cpe:/o:redhat:enterprise_linux:9", "package" : "kernel-0:5.14.0-427.33.1.el9_4" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2024-08-13T00:00:00Z", "advisory" : "RHSA-2024:5257", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "kernel-0:5.14.0-70.112.1.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2024-08-13T00:00:00Z", "advisory" : "RHSA-2024:5256", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0::nfv", "package" : "kernel-rt-0:5.14.0-70.112.1.rt21.184.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-07-24T00:00:00Z", "advisory" : "RHSA-2024:4823", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "kernel-0:5.14.0-284.75.1.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2024-07-24T00:00:00Z", "advisory" : "RHSA-2024:4831", "cpe" : "cpe:/a:redhat:rhel_eus:9.2::nfv", "package" : "kernel-rt-0:5.14.0-284.75.1.rt14.360.el9_2" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Not affected", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Out of support scope", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" }, { "product_name" : "Red Hat Enterprise Linux 9", "fix_state" : "Affected", "package_name" : "kernel-rt", "cpe" : "cpe:/o:redhat:enterprise_linux:9" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-35897\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-35897\nhttps://lore.kernel.org/linux-cve-announce/2024051951-CVE-2024-35897-1585@gregkh/T" ], "name" : "CVE-2024-35897", "csaw" : false }