CVE - CVE-2024-44944

CVE-ID
CVE-2024-44944	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: use helper function to calculate expect ID Delete expectation path is missing a call to the nf_expect_get_id() helper function to calculate the expectation ID, otherwise LSB of the expectation object address is leaked to userspace.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39 URL:https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39 MISC:https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd URL:https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd MISC:https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61 URL:https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61 MISC:https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435 URL:https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435 MISC:https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450 URL:https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450 MISC:https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f URL:https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f MISC:https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299 URL:https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299 MISC:https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184 URL:https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184 MISC:https://www.zerodayinitiative.com/advisories/ZDI-24-1182/ URL:https://www.zerodayinitiative.com/advisories/ZDI-24-1182/
Assigning CNA
kernel.org
Date Record Created
20240821	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20240821)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.