A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
| AND |
|
History
05 Jun 2026, 00:22
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Redhat codeready Linux Builder
Redhat enterprise Linux Redhat codeready Linux Builder For Eus Redhat enterprise Linux For Power Little Endian Redhat enterprise Linux For Eus Redhat enterprise Linux For Update Services For Sap Solutions Redhat openshift Logging Redhat enterprise Linux For Els |
|
| CPE | cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:9.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm64_els:9.2:*:*:*:*:*:aarch64:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_els:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm64:9.2:*:*:*:*:*:aarch64:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_els:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_els:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift_for_arm_64:5.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift_for_ibm_z_and_linuxone:5.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift_for_ibm_power_little_endian:5.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_linux_for_eus:9.2:*:*:*:*:*:arm64:* cpe:2.3:a:redhat:openshift_logging:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_eus:9.4:*:*:*:*:*:x64:* cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.2:*:*:*:*:*:x64:* cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.6:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:arm64:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.6:*:*:*:*:*:arm64:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_eus:9.6:*:*:*:*:*:x64:* cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.4:*:*:*:*:*:x64:* cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:aarch64:* cpe:2.3:o:redhat:enterprise_linux:9.2:*:*:*:*:*:arm64:* cpe:2.3:a:redhat:codeready_linux_builder_for_eus:9.4:*:*:*:*:*:arm64:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_update_services_for_sap_solutions:9.2:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_update_services_for_sap_solutions:9.6:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_update_services_for_sap_solutions:9.0:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_els:9.2:*:*:*:*:*:arm64:* cpe:2.3:o:redhat:enterprise_linux_for_els:9.4:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_els:9.6:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_update_services_for_sap_solutions:9.4:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_eus:9.2:*:*:*:*:*:x64:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_els:9.2:*:*:*:*:*:x64:* |
15 May 2026, 17:45
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift:5.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_els:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.4_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64:9.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:9.6_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_els:9.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm64_els:9.2:*:*:*:*:*:aarch64:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_els:9.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.6:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:9.4_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift_for_ibm_z_and_linuxone:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_els:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_update_services_for_sap_solutions:9.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.6_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_els:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.6:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm64:9.2:*:*:*:*:*:aarch64:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_els:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift_for_arm_64:5.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:9.4:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_power_little_endian_eus:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.0_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.4_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.6_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.6_s390x:*:*:*:*:*:*:* cpe:2.3:a:redhat:logging_subsystem_for_red_hat_openshift_for_ibm_power_little_endian:5.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_els:9.4_ppc64le:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_x86_64_eus:9.6:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.2_aarch64:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_for_x86_64_eus:9.2:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.6_aarch64:*:*:*:*:*:*:* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.2_s390x:*:*:*:*:*:*:* |
| First Time |
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat codeready Linux Builder For X86 64 Eus Redhat enterprise Linux Server Aus Redhat enterprise Linux For Arm64 Redhat enterprise Linux For X86 64 Update Services For Sap Solutions Redhat enterprise Linux For Arm 64 Redhat codeready Linux Builder For Arm64 Redhat enterprise Linux For X86 64 Redhat enterprise Linux For Ibm Z Systems Redhat codeready Linux Builder For Power Little Endian Redhat codeready Linux Builder For Arm64 Eus Redhat logging Subsystem For Red Hat Openshift For Ibm Power Little Endian Redhat enterprise Linux For Ibm Z Systems Els Redhat enterprise Linux For Power Little Endian Eus Redhat enterprise Linux For Arm 64 Eus Redhat codeready Linux Builder For Ibm Z Systems Eus Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Redhat enterprise Linux For Arm 64 Els Redhat logging Subsystem For Red Hat Openshift For Arm 64 Redhat enterprise Linux For X86 64 Els Redhat logging Subsystem For Red Hat Openshift Redhat codeready Linux Builder For Power Little Endian Eus Redhat enterprise Linux For Arm64 Els Redhat enterprise Linux For X86 64 Eus Redhat enterprise Linux For Power Little Endian Els Redhat codeready Linux Builder For Ibm Z Systems Redhat logging Subsystem For Red Hat Openshift For Ibm Z And Linuxone |
|
| References | () https://access.redhat.com/errata/RHSA-2024:1018 - Vendor Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:1019 - Vendor Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:1248 - Vendor Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:2094 - Vendor Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:4412 - Vendor Advisory | |
| References | () https://access.redhat.com/errata/RHSA-2024:4415 - Vendor Advisory |
21 Nov 2024, 08:46
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://access.redhat.com/errata/RHSA-2024:1018 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:1019 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:1248 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:2094 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:4412 - | |
| References | () https://access.redhat.com/errata/RHSA-2024:4415 - | |
| References | () https://access.redhat.com/security/cve/CVE-2024-0193 - Mitigation, Third Party Advisory | |
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2255653 - Issue Tracking, Patch, Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
09 Jul 2024, 12:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
08 Jul 2024, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
12 Mar 2024, 04:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
28 Feb 2024, 15:15
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
09 Jan 2024, 18:09
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.7 |
| First Time |
Redhat
Linux Linux linux Kernel Redhat enterprise Linux |
|
| References | () https://bugzilla.redhat.com/show_bug.cgi?id=2255653 - Issue Tracking, Patch, Third Party Advisory | |
| References | () https://access.redhat.com/security/cve/CVE-2024-0193 - Mitigation, Third Party Advisory | |
| CWE | CWE-416 | |
| CPE | cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
03 Jan 2024, 17:15
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | A use-after-free flaw was found in the netfilter subsystem of the Linux kernel. If the catchall element is garbage-collected when the pipapo set is removed, the element can be deactivated twice. This can cause a use-after-free issue on an NFT_CHAIN object or NFT_OBJECT object, allowing a local unprivileged user with CAP_NET_ADMIN capability to escalate their privileges on the system. |
02 Jan 2024, 18:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2024-01-02 18:15
Updated : 2026-06-05 00:22
NVD link : CVE-2024-0193
Mitre link : CVE-2024-0193
CVE.ORG link : CVE-2024-0193
JSON object : View
Products Affected
redhat
- codeready_linux_builder_for_ibm_z_systems_eus
- enterprise_linux_for_ibm_z_systems
- codeready_linux_builder
- enterprise_linux_for_update_services_for_sap_solutions
- enterprise_linux_for_ibm_z_systems_eus
- enterprise_linux_for_power_little_endian_eus
- codeready_linux_builder_for_power_little_endian
- enterprise_linux_for_ibm_z_systems_els
- enterprise_linux
- enterprise_linux_for_els
- enterprise_linux_for_arm_64_eus
- codeready_linux_builder_for_power_little_endian_eus
- openshift_logging
- enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
- enterprise_linux_for_power_little_endian
- enterprise_linux_for_arm_64_els
- enterprise_linux_for_arm_64
- enterprise_linux_server_aus
- codeready_linux_builder_for_ibm_z_systems
- enterprise_linux_for_eus
- codeready_linux_builder_for_eus
- enterprise_linux_for_power_little_endian_els
linux
- linux_kernel
CWE
CWE-416
Use After Free