CVE-2024-1086

CVE Database · CVE-2024-1086

CVE-2024-1086

· HIGHAnalyzed

CVSS v3.1

7.8

EPSS

23.58%

Published

Jan 31, 2024

Modified

Oct 27, 2025

CISA Known Exploited Vulnerability

Added: 2024-05-30 · Due: 2024-06-20

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Public PoC / Exploit (9)

All weaponized →

TrickestTrickest PoC index GitHub PoCNotselwyn/CVE-2024-1086★2448 GitHub PoCLLfam/CVE-2024-1086★20 GitHub PoCAlicey0719/docker-POC_CVE-2024-1086★3 GitHub PoCkevcooper/CVE-2024-1086-checker★2 GitHub PoCCCIEVoice2009/CVE-2024-1086★0 GitHub PoCfeely666/CVE-2024-1086★0 GitHub PoCxzx482/CVE-2024-1086★0 GitHub PoCkarim4353/CVE-2024-1086-Exploit★0

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-416CWE-416

Affected Products (19)

linux · linux_kernel (up to 5.15.149)vulnerable

linux · linux_kernel (up to 6.1.76)vulnerable

linux · linux_kernel (up to 6.6.15)vulnerable

linux · linux_kernel (up to 6.7.3)vulnerable

linux · linux_kernelvulnerable

fedoraproject · fedoravulnerable

redhat · enterprise_linux_desktopvulnerable