CVE-2024-26642

Advisory lineage Upstream: 0 Downstream: 55

Downstream

DEBIAN-CVE-2024-26642 DLA-3840-1 DLA-3842-1 DSA-5658-1 DSA-5681-1 LSN-0105-1

Modified

Published: 21 Mar 2024, 10:43

Last modified:12 May 2026, 11:49

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

v3.1 (nvd)

EPSS Score

0.01% LOW

0% probability 0.00%

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

21 Mar 2024, 10:43

Published

Vulnerability first disclosed

12 May 2026, 11:49

Last Modified

Vulnerability information updated

Description

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS Trends

Current EPSS score: 0.01%• Percentile: 1%

Affected Systems

debian•debian_linux
10.0
linux•linux
≥ 761da2935d6e18d178582dbdf315a3a458555505, < e4988d8415bd0294d6f9f4a1e7095f8b50a97ca9 | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < e9a0d3f376eb356d54ffce36e7cc37514cbfbd6f | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < fe40ffbca19dc70d7c6b1e3c77b9ccb404c57351 | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < 7cdc1be24cc1bcd56a3e89ac4aef20e31ad09199 | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < 72c1efe3f247a581667b7d368fff3bd9a03cd57a | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < c0c2176d1814b92ea4c8e7eb7c9cd94cd99c1b12 | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < 8e07c16695583a66e81f67ce4c46e94dece47ba7 | ≥ 761da2935d6e18d178582dbdf315a3a458555505, < 16603605b667b70da974bea8216c93e7db043bf1 | 4.1
linux•linux_kernel
≥ 4.1, < 4.19.312 | ≥ 4.20, < 5.4.274 | ≥ 5.5, < 5.10.215 | ≥ 5.11, < 5.15.154 | ≥ 5.16, < 6.1.84 | ≥ 6.2, < 6.6.24 | ≥ 6.7, < 6.7.12