CVE-2024-1086

KEV
Published: Gen 31, 2024 Last Modified: Ott 27, 2025
ExploitDB:
Other exploit source:
Google Dorks:
HIGH 7,8
Source: [email protected]
Attack Vector: local
Attack Complexity: low
Privileges Required: low
User Interaction: none
Scope: unchanged
Confidentiality: high
Integrity: high
Availability: high

Description

AI Translation Available

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.

The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.

We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,8597
Percentile
1,0th
Updated

EPSS Score Trend (Last 90 Days)

416

Use After Free

Stable
Abstraction: Variant Structure: Simple
Common Consequences
Security Scopes Affected:
Integrity Availability Confidentiality
Potential Impacts:
Modify Memory Dos: Crash, Exit, Or Restart Execute Unauthorized Code Or Commands
Applicable Platforms
Languages: C, C++, Memory-Unsafe
Likelihood of Exploit: High
View CWE Details
Operating System

Debian Linux by Debian

Product Information
Vendor Debian
Product Debian Linux
Version 10.0
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

A250 Firmware by Netapp

Product Information
Vendor Netapp
Product A250 Firmware
Version -
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Ibm Z Systems by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Ibm Z Systems
Version 7.0_s390x
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:7.0_s390x:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Desktop by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Desktop
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Server by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Server
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.7 (inclusive)
To 6.7.3 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.1 (inclusive)
To 6.1.76 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Little Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Little Endian
Version 7.0_ppc64le
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:7.0_ppc64le:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux Workstation by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux Workstation
Version 7.0
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 6.2 (inclusive)
To 6.6.15 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Enterprise Linux For Power Big Endian by Redhat

Product Information
Vendor Redhat
Product Enterprise Linux For Power Big Endian
Version 7.0_ppc64
cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:7.0_ppc64:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version Range Affected
From 3.15 (inclusive)
To 5.15.149 (exclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Fedora by Fedoraproject

Product Information
Vendor Fedoraproject
Product Fedora
Version 39
cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

Linux Kernel by Linux

Product Information
Vendor Linux
Product Linux Kernel
Version 6.8
cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

500F Firmware by Netapp

Product Information
Vendor Netapp
Product 500F Firmware
Version -
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
Operating System

C250 Firmware by Netapp

Product Information
Vendor Netapp
Product C250 Firmware
Version -
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://www.cisa.gov/known-exploited-vulnerabilities-catalo…
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024…
https://github.com/Notselwyn/CVE-2024-1086
https://github.com/Notselwyn/CVE-2024-1086
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/li…
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f…
https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff6…
https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660
https://lists.debian.org/debian-lts-announce/2024/06/msg000…
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
https://lists.debian.org/debian-lts-announce/2024/06/msg000…
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/[email protected]
https://news.ycombinator.com/item?id=39828424
https://news.ycombinator.com/item?id=39828424
https://pwning.tech/nftables/
https://pwning.tech/nftables/
https://security.netapp.com/advisory/ntap-20240614-0009/
https://security.netapp.com/advisory/ntap-20240614-0009/
http://www.openwall.com/lists/oss-security/2024/04/10/22
http://www.openwall.com/lists/oss-security/2024/04/10/22
http://www.openwall.com/lists/oss-security/2024/04/10/23
http://www.openwall.com/lists/oss-security/2024/04/10/23
http://www.openwall.com/lists/oss-security/2024/04/14/1
http://www.openwall.com/lists/oss-security/2024/04/14/1
http://www.openwall.com/lists/oss-security/2024/04/15/2
http://www.openwall.com/lists/oss-security/2024/04/15/2
http://www.openwall.com/lists/oss-security/2024/04/17/5
http://www.openwall.com/lists/oss-security/2024/04/17/5
https://github.com/Notselwyn/CVE-2024-1086
https://github.com/Notselwyn/CVE-2024-1086
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/li…
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f…
https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff6…
https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660
https://lists.debian.org/debian-lts-announce/2024/06/msg000…
https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html
https://lists.debian.org/debian-lts-announce/2024/06/msg000…
https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html
https://lists.fedoraproject.org/archives/list/package-annou…
https://lists.fedoraproject.org/archives/list/[email protected]
https://news.ycombinator.com/item?id=39828424
https://news.ycombinator.com/item?id=39828424
https://pwning.tech/nftables/
https://pwning.tech/nftables/
https://security.netapp.com/advisory/ntap-20240614-0009/
https://security.netapp.com/advisory/ntap-20240614-0009/
http://www.openwall.com/lists/oss-security/2024/04/10/22
http://www.openwall.com/lists/oss-security/2024/04/10/22
http://www.openwall.com/lists/oss-security/2024/04/10/23
http://www.openwall.com/lists/oss-security/2024/04/10/23
http://www.openwall.com/lists/oss-security/2024/04/14/1
http://www.openwall.com/lists/oss-security/2024/04/14/1
http://www.openwall.com/lists/oss-security/2024/04/15/2
http://www.openwall.com/lists/oss-security/2024/04/15/2
http://www.openwall.com/lists/oss-security/2024/04/17/5
http://www.openwall.com/lists/oss-security/2024/04/17/5