{"id":"CVE-2024-26642","summary":"netfilter: nf_tables: disallow anonymous set with timeout flag","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: disallow anonymous set with timeout flag\n\nAnonymous sets are never used with timeout from userspace, reject this.\nException to this rule is NFT_SET_EVAL to ensure legacy meters still work.","modified":"2026-04-02T10:05:19.768366Z","published":"2024-03-21T10:43:43.495Z","related":["ALSA-2024:3306","ALSA-2024:3618","ALSA-2024:3627","MGASA-2024-0141","MGASA-2024-0142","SUSE-SU-2024:1454-1","SUSE-SU-2024:1465-1","SUSE-SU-2024:1466-1","SUSE-SU-2024:1480-1","SUSE-SU-2024:1489-1","SUSE-SU-2024:1490-1","SUSE-SU-2024:1641-1","SUSE-SU-2024:1643-1","SUSE-SU-2024:1646-1","SUSE-SU-2024:1647-1","SUSE-SU-2024:1870-1","SUSE-SU-2024:2135-1","SUSE-SU-2024:2203-1","SUSE-SU-2024:2973-1","SUSE-SU-2025:20008-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26642.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/16603605b667b70da974bea8216c93e7db043bf1"},{"type":"WEB","url":"https://git.kernel.org/stable/c/72c1efe3f247a581667b7d368fff3bd9a03cd57a"},{"type":"WEB","url":"https://git.kernel.org/stable/c/7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199"},{"type":"WEB","url":"https://git.kernel.org/stable/c/8e07c16695583a66e81f67ce4c46e94dece47ba7"},{"type":"WEB","url":"https://git.kernel.org/stable/c/c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9"},{"type":"WEB","url":"https://git.kernel.org/stable/c/e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/26xxx/CVE-2024-26642.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-26642"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"761da2935d6e18d178582dbdf315a3a458555505"},{"fixed":"e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9"},{"fixed":"e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f"},{"fixed":"fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351"},{"fixed":"7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199"},{"fixed":"72c1efe3f247a581667b7d368fff3bd9a03cd57a"},{"fixed":"c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12"},{"fixed":"8e07c16695583a66e81f67ce4c46e94dece47ba7"},{"fixed":"16603605b667b70da974bea8216c93e7db043bf1"}]}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-26642.json"}}],"schema_version":"1.7.5"}