VYPR
High severity7.0NVD Advisory· Published May 1, 2024· Updated May 12, 2026

CVE-2024-27020

CVE-2024-27020

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: nf_tables: Fix potential data-race in __nft_expr_type_get()

nft_unregister_expr() can concurrent with __nft_expr_type_get(), and there is not any protection when iterate over nf_tables_expressions list in __nft_expr_type_get(). Therefore, there is potential data-race of nf_tables_expressions list entry.

Use list_for_each_entry_rcu() to iterate over nf_tables_expressions list in __nft_expr_type_get(), and use rcu_read_lock() in the caller nft_expr_type_get() to protect the entire type query process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

186

Patches

Vulnerability mechanics

References

16

News mentions

0

No linked articles in our index yet.