CVE-2024-27403 (GCVE-0-2024-27403)

Vulnerability from cvelistv5 – Published: 2024-05-17 11:40 – Updated: 2025-05-04 09:04
VLAI?
Title
netfilter: nft_flow_offload: reset dst in route object after setting up flow
Summary
In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: reset dst in route object after setting up flow dst is transferred to the flow object, route object does not own it anymore. Reset dst in route object, otherwise if flow_offload_add() fails, error path releases dst twice, leading to a refcount underflow.
Severity ?
No CVSS data available.
Assigner
References
Impacted products
Vendor Product Version
Linux Linux Affected: a3c90f7a2323b331ae816d5b0633e68148e25d04 , < 4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c (git)
Affected: a3c90f7a2323b331ae816d5b0633e68148e25d04 , < 012df10717da02367aaf92c65f9c89db206c15f4 (git)
Affected: a3c90f7a2323b331ae816d5b0633e68148e25d04 , < 558b00a30e05753a62ecc7e05e939ca8f0241148 (git)
Affected: a3c90f7a2323b331ae816d5b0633e68148e25d04 , < 670548c8db44d76e40e1dfc06812bca36a61e9ae (git)
Affected: a3c90f7a2323b331ae816d5b0633e68148e25d04 , < 9e0f0430389be7696396c62f037be4bf72cf93e3 (git)
Create a notification for this product.
    Linux Linux Affected: 4.16
Unaffected: 0 , < 4.16 (semver)
Unaffected: 5.15.150 , ≤ 5.15.* (semver)
Unaffected: 6.1.80 , ≤ 6.1.* (semver)
Unaffected: 6.6.19 , ≤ 6.6.* (semver)
Unaffected: 6.7.7 , ≤ 6.7.* (semver)
Unaffected: 6.8 , ≤ * (original_commit_for_fix)
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27403",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-17T17:17:07.998820Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:46:43.380Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:34:52.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_flow_table.h",
            "net/netfilter/nf_flow_table_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c",
              "status": "affected",
              "version": "a3c90f7a2323b331ae816d5b0633e68148e25d04",
              "versionType": "git"
            },
            {
              "lessThan": "012df10717da02367aaf92c65f9c89db206c15f4",
              "status": "affected",
              "version": "a3c90f7a2323b331ae816d5b0633e68148e25d04",
              "versionType": "git"
            },
            {
              "lessThan": "558b00a30e05753a62ecc7e05e939ca8f0241148",
              "status": "affected",
              "version": "a3c90f7a2323b331ae816d5b0633e68148e25d04",
              "versionType": "git"
            },
            {
              "lessThan": "670548c8db44d76e40e1dfc06812bca36a61e9ae",
              "status": "affected",
              "version": "a3c90f7a2323b331ae816d5b0633e68148e25d04",
              "versionType": "git"
            },
            {
              "lessThan": "9e0f0430389be7696396c62f037be4bf72cf93e3",
              "status": "affected",
              "version": "a3c90f7a2323b331ae816d5b0633e68148e25d04",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "include/net/netfilter/nf_flow_table.h",
            "net/netfilter/nf_flow_table_core.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "4.16"
            },
            {
              "lessThan": "4.16",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.150",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.80",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.19",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.7.*",
              "status": "unaffected",
              "version": "6.7.7",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "6.8",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.150",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.80",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.19",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.7.7",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.8",
                  "versionStartIncluding": "4.16",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_flow_offload: reset dst in route object after setting up flow\n\ndst is transferred to the flow object, route object does not own it\nanymore.  Reset dst in route object, otherwise if flow_offload_add()\nfails, error path releases dst twice, leading to a refcount underflow."
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-04T09:04:21.899Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c"
        },
        {
          "url": "https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4"
        },
        {
          "url": "https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148"
        },
        {
          "url": "https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae"
        },
        {
          "url": "https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3"
        }
      ],
      "title": "netfilter: nft_flow_offload: reset dst in route object after setting up flow",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2024-27403",
    "datePublished": "2024-05-17T11:40:17.992Z",
    "dateReserved": "2024-02-25T13:47:42.681Z",
    "dateUpdated": "2025-05-04T09:04:21.899Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: nft_flow_offload: reset dst in route object after setting up flow\\n\\ndst is transferred to the flow object, route object does not own it\\nanymore.  Reset dst in route object, otherwise if flow_offload_add()\\nfails, error path releases dst twice, leading to a refcount underflow.\"}, {\"lang\": \"es\", \"value\": \" En el kernel de Linux, se resolvi\\u00f3 la siguiente vulnerabilidad: netfilter: nft_flow_offload: restablece dst en el objeto de ruta despu\\u00e9s de configurar el flujo dst se transfiere al objeto de flujo, el objeto de ruta ya no es propietario. Restablezca el dst en el objeto de ruta; de lo contrario, si flow_offload_add() fallo, la ruta de error libera el dst dos veces, lo que provoca un desbordamiento insuficiente del recuento.\"}]",
      "id": "CVE-2024-27403",
      "lastModified": "2024-11-21T09:04:32.720",
      "published": "2024-05-17T12:15:10.030",
      "references": "[{\"url\": \"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3\", \"source\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\"}, {\"url\": \"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
      "vulnStatus": "Awaiting Analysis"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-27403\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2024-05-17T12:15:10.030\",\"lastModified\":\"2025-09-18T17:28:55.453\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: nft_flow_offload: reset dst in route object after setting up flow\\n\\ndst is transferred to the flow object, route object does not own it\\nanymore.  Reset dst in route object, otherwise if flow_offload_add()\\nfails, error path releases dst twice, leading to a refcount underflow.\"},{\"lang\":\"es\",\"value\":\" En el kernel de Linux, se resolvi\u00f3 la siguiente vulnerabilidad: netfilter: nft_flow_offload: restablece dst en el objeto de ruta despu\u00e9s de configurar el flujo dst se transfiere al objeto de flujo, el objeto de ruta ya no es propietario. Restablezca el dst en el objeto de ruta; de lo contrario, si flow_offload_add() fallo, la ruta de error libera el dst dos veces, lo que provoca un desbordamiento insuficiente del recuento.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.16\",\"versionEndExcluding\":\"5.15.150\",\"matchCriteriaId\":\"27202095-6B1F-47FF-B661-C624B6AA6C0D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.80\",\"matchCriteriaId\":\"BA7850CE-97C9-4408-A348-6173296BCA2B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.19\",\"matchCriteriaId\":\"8D82004C-B2AE-4048-9344-32EFF65953B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.7.7\",\"matchCriteriaId\":\"575EE16B-67F2-4B5B-B5F8-1877715C898B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F4EA73-0894-400F-A490-3A397AB7A517\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"056BD938-0A27-4569-B391-30578B309EE3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F02056A5-B362-4370-9FF8-6F0BD384D520\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"62075ACE-B2A0-4B16-829D-B3DA5AE5CC41\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:6.8:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"A780F817-2A77-4130-A9B7-5C25606314E3\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:34:52.105Z\"}}, {\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27403\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-17T17:17:07.998820Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:24.691Z\"}, \"title\": \"CISA ADP Vulnrichment\"}], \"cna\": {\"title\": \"netfilter: nft_flow_offload: reset dst in route object after setting up flow\", \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"a3c90f7a2323b331ae816d5b0633e68148e25d04\", \"lessThan\": \"4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3c90f7a2323b331ae816d5b0633e68148e25d04\", \"lessThan\": \"012df10717da02367aaf92c65f9c89db206c15f4\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3c90f7a2323b331ae816d5b0633e68148e25d04\", \"lessThan\": \"558b00a30e05753a62ecc7e05e939ca8f0241148\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3c90f7a2323b331ae816d5b0633e68148e25d04\", \"lessThan\": \"670548c8db44d76e40e1dfc06812bca36a61e9ae\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"a3c90f7a2323b331ae816d5b0633e68148e25d04\", \"lessThan\": \"9e0f0430389be7696396c62f037be4bf72cf93e3\", \"versionType\": \"git\"}], \"programFiles\": [\"include/net/netfilter/nf_flow_table.h\", \"net/netfilter/nf_flow_table_core.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"4.16\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"4.16\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.15.150\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.80\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.19\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.7.7\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.7.*\"}, {\"status\": \"unaffected\", \"version\": \"6.8\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"include/net/netfilter/nf_flow_table.h\", \"net/netfilter/nf_flow_table_core.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/4c167af9f6b5ae4a5dbc243d5983c295ccc2e43c\"}, {\"url\": \"https://git.kernel.org/stable/c/012df10717da02367aaf92c65f9c89db206c15f4\"}, {\"url\": \"https://git.kernel.org/stable/c/558b00a30e05753a62ecc7e05e939ca8f0241148\"}, {\"url\": \"https://git.kernel.org/stable/c/670548c8db44d76e40e1dfc06812bca36a61e9ae\"}, {\"url\": \"https://git.kernel.org/stable/c/9e0f0430389be7696396c62f037be4bf72cf93e3\"}], \"x_generator\": {\"engine\": \"bippy-5f407fcff5a0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnetfilter: nft_flow_offload: reset dst in route object after setting up flow\\n\\ndst is transferred to the flow object, route object does not own it\\nanymore.  Reset dst in route object, otherwise if flow_offload_add()\\nfails, error path releases dst twice, leading to a refcount underflow.\"}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2024-12-19T08:54:21.794Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-27403\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-12-19T08:54:21.794Z\", \"dateReserved\": \"2024-02-25T13:47:42.681Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2024-05-17T11:40:17.992Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}