CVE-2024-26581

netfilter: nft_set_rbtree: skip end interval element from gc

References

Notes

 carnil> Introduced in f718863aca46 ("netfilter: nft_set_rbtree: fix overlap expiration
 carnil> walk"). Vulnerable versions: 5.4.262 5.10.190 5.15.124 6.1.43 6.4.8 6.5-rc4.

Bugs

Status

Branch Status
4.19-buster-security N/A "Vulnerable code not present"
4.19-upstream-stable N/A "Vulnerable code not present"
5.10-bullseye-security released (5.10.216-1)
5.10-upstream-stable released (5.10.210) [4cee42fcf54fec46b344681e7cc4f234bb22f85a]
6.1-bookworm-security released (6.1.82-1)
6.1-upstream-stable released (6.1.78) [1296c110c5a0b45a8fcf58e7d18bc5da61a565cb]
6.6-upstream-stable released (6.6.17) [b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7]
6.8-upstream-stable N/A "Fixed before branching point"
sid released (6.7.7-1)
upstream released (6.8-rc4) [60c0c230c6f046da536d3df8b39a20b9a9fd6af0]