In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that has been just added in this transactions, skip end interval elements that are not yet active. https://git.kernel.org/stable/c/1296c110c5a0b45a8fcf58e7d18bc5da61a565cb https://git.kernel.org/stable/c/60c0c230c6f046da536d3df8b39a20b9a9fd6af0 https://git.kernel.org/stable/c/6eb14441f10602fa1cf691da9d685718b68b78a9 https://git.kernel.org/stable/c/b734f7a47aeb32a5ba298e4ccc16bb0c52b6dbf7
Created kernel tracking bugs for this issue: Affects: fedora-all [bug 2265186]
This was fixed for Fedora with the 6.7.5 stable kernel updates.
The result of automatic check (that is developed by Alexander Larkin) for this CVE-2024-26581 is: CHECK Maybe valid. Check manually. with impact MODERATE (that is approximation based on flags REMOTE SIMPLEFIX NETFILTER ; these flags parsed automatically based on patche data). Such automatic check happens only for Low/Moderates (and only when not from reporter, but parsing already existing CVE). Highs always checked manually (I check it myself and then we check it again in Remediation team). In rare cases some of the Moderates could be increased to High later.
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:4823 https://access.redhat.com/errata/RHSA-2024:4823
This issue has been addressed in the following products: Red Hat Enterprise Linux 9.2 Extended Update Support Via RHSA-2024:4831 https://access.redhat.com/errata/RHSA-2024:4831
This issue has been addressed in the following products: Red Hat Enterprise Linux 9 Via RHSA-2024:5928 https://access.redhat.com/errata/RHSA-2024:5928