Linux Kernel Use-After-Free Vulnerability
Summary
| CVE | CVE-2024-1086 |
|---|---|
| State | PUBLISHED |
| Assigner | Unknown |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2024-01-31 13:15:00 UTC |
| Updated | 2024-03-26 18:15:00 UTC |
| Description | Linux kernel contains a use-after-free vulnerability in the netfilter: nf_tables component that allows an attacker to achieve local privilege escalation. |
Risk And Classification
EPSS: probability 0.860560000, percentile 0.993890000 (as of 2026-04-01)
CISA KEV: Listed on 2024-05-30; remediation due 2024-06-20; known ransomware campaign use: Known
Problem Types: CWE-416
CISA Known Exploited Vulnerability
| Vendor | Linux |
|---|---|
| Product | Kernel |
| Name | Linux Kernel Use-After-Free Vulnerability |
| Required Action | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
| Notes | This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. Please check with specific vendors for information on patching status. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660; https://nvd.nist.gov/vuln/detail/CVE-2024-1086 |
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Linux | Linux Kernel | All | All | All | All |
| Operating System | Linux | Linux Kernel | 6.8 | rc1 | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660 | kernel.dance | ||
| news.ycombinator.com/item | news.ycombinator.com | ||
| netfilter: nf_tables: reject QUEUE/DROP verdict parameters - kernel/git/torvalds/linux.git - Linux kernel source tree | git.kernel.org | ||
| pwning.tech/nftables | pwning.tech | ||
| lists.fedoraproject.org/archives/list/[email protected]/messag... | lists.fedoraproject.org | ||
| github.com/Notselwyn/CVE-2024-1086 | github.com | ||
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
| CISA Known Exploited Vulnerabilities catalog | CISA | www.cisa.gov | kev |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 161426 Oracle Enterprise Linux Security Update for kernel (ELSA-2024-1249)
- 161448 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2024-12260)
- 161450 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2024-12259)
- 161452 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2024-12256)
- 161455 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2024-12258)
- 161456 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2024-12255)
- 161457 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2024-12257)
- 161463 Oracle Enterprise Linux Security Update for kernel (ELSA-2024-12266)
- 161465 Oracle Enterprise Linux Security Update for kernel (ELSA-2024-12265)
- 161469 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2024-12270)
- 161470 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2024-12274)
- 161471 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2024-12271)
- 161472 Oracle Enterprise Linux Security Update for unbreakable enterprise kernel-container (ELSA-2024-12275)
- 161479 Oracle Enterprise Linux Security Update for kernel (ELSA-2024-1607)
- 200182 Ubuntu Security Notification for Linux kernel (OEM) Vulnerabilities (USN-6688-1)
- 200199 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6700-1)
- 200202 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6701-1)
- 200205 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6702-1)
- 200209 Ubuntu Security Notification for Linux kernel (GCP) Vulnerabilities (USN-6701-2)
- 200210 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6704-1)
- 200211 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6707-1)
- 200213 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6702-2)
- 200214 Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-6705-1)
- 200216 Ubuntu Security Notification for Linux kernel (ARM laptop) Vulnerabilities (USN-6707-2)
- 200217 Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-6700-2)
- 200218 Ubuntu Security Notification for Linux kernel (Raspberry Pi) Vulnerabilities (USN-6704-2)
- 200221 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6716-1)
- 200222 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-6701-3)
- 200223 Ubuntu Security Notification for Linux kernel (Oracle) Vulnerabilities (USN-6704-3)
- 200226 Ubuntu Security Notification for Linux kernel (AWS) Vulnerabilities (USN-6707-3)
- 200236 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6707-4)
- 200237 Ubuntu Security Notification for Linux kernel (Intel IoTG) Vulnerabilities (USN-6704-4)
- 200244 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-6701-4)
- 242941 Red Hat Update for kernel (RHSA-2024:0930)
- 242985 Red Hat Update for kernel (RHSA-2024:1018)
- 242986 Red Hat Update for kernel-rt (RHSA-2024:1019)
- 243051 Red Hat Update for kernel (RHSA-2024:1249)
- 243071 Red Hat Update for kernel-rt (RHSA-2024:1332)
- 243087 Red Hat Update for kernel (RHSA-2024:1404)
- 243160 Red Hat Update for kernel security (RHSA-2024:1607)
- 243167 Red Hat Update for kernel-rt (RHSA-2024:1614)
- 257311 CentOS Security Update for kernel (CESA-2024:1249)
- 285004 Fedora Security Update for kernel (FEDORA-2024-2116a8468b)
- 357213 Amazon Linux Security Advisory for kernel : ALAS-2024-1919
- 357215 Amazon Linux Security Advisory for kernel : ALAS2-2024-2453
- 357258 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.15-2024-038
- 357259 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.4-2024-060
- 357261 Amazon Linux Security Advisory for kernel : ALAS2KERNEL-5.10-2024-050
- 379614 Alibaba Cloud Linux Security Update for cloud-kernel (ALINUX3-SA-2024:0017)
- 390296 Oracle VM Server for x86 Security Update for kernel (OVMSA-2024-0004)
- 6140420 AWS Bottlerocket Security Update for kernel (GHSA-rg7w-fxjf-pcxp)
- 6140432 AWS Bottlerocket Security Update for kernel (GHSA-qcq9-mjfp-mmjw)
- 674156 EulerOS Security Update for kernel (EulerOS-SA-2024-1509)
- 674158 EulerOS Security Update for kernel (EulerOS-SA-2024-1488)
- 755747 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0469-1)
- 755750 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0476-1)
- 755751 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0474-1)
- 755752 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0478-1)
- 755753 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0484-1)
- 755754 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0516-1)
- 755755 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0515-1)
- 755756 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0514-1)
- 755765 SUSE Enterprise Linux Security Update for the Linux Kernel (SUSE-SU-2024:0483-1)
- 941650 AlmaLinux Security Update for kernel (ALSA-2024:1607)
- 961147 Rocky Linux Security Update for kernel (RLSA-2024:1607)
- 961150 Rocky Linux Security Update for kernel-rt (RLSA-2024:1614)