CVE-2024-1086

HIGH 7.8

⚠️ CISA KEV

Use-after-free in Linux kernel's netfilter: nf_tables component

CVSS Score

7.8

EPSS Score

0.0%

EPSS Percentile

0th

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

CWE	CWE-416
Vendor	linux
Product	kernel
Ecosystems	Linux Kernel
Industries	Technology
Published	Jan 31, 2024
Last Updated	Oct 21, 2025

⚠️ Actively Exploited — Act Now

Get instant alerts for linux kernel

This vulnerability is actively exploited in the wild. Set up free real-time alerts so you're first to know about threats like CVE-2024-1086.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Affected Versions

Linux / Kernel

3.15 < 6.8

References

NVD ↗ CVE.org ↗ EPSS Data ↗

git.kernel.org: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f342de4e2f33e0e39165d8639387aa6c19dff660 kernel.dance: https://kernel.dance/f342de4e2f33e0e39165d8639387aa6c19dff660 lists.fedoraproject.org: https://lists.fedoraproject.org/archives/list/[email protected]/message/7LSPIOMIJYTLZB6QKPQVVAYSUETUWKPF/ github.com: https://github.com/Notselwyn/CVE-2024-1086 news.ycombinator.com: https://news.ycombinator.com/item?id=39828424 pwning.tech: https://pwning.tech/nftables/ openwall.com: http://www.openwall.com/lists/oss-security/2024/04/15/2 openwall.com: http://www.openwall.com/lists/oss-security/2024/04/10/23 openwall.com: http://www.openwall.com/lists/oss-security/2024/04/10/22 openwall.com: http://www.openwall.com/lists/oss-security/2024/04/14/1 openwall.com: http://www.openwall.com/lists/oss-security/2024/04/17/5 security.netapp.com: https://security.netapp.com/advisory/ntap-20240614-0009/ lists.debian.org: https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html lists.debian.org: https://lists.debian.org/debian-lts-announce/2024/06/msg00020.html cisa.gov: https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-1086

Credits

Notselwyn