CVE-2024-1086

Published Jan 31, 2024

Last updated 5 months ago

Exploit knownCVSS high 7.8

Overview

Description
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT. We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.
Source
cve-coordination@google.com
NVD status
Analyzed
Products
linux_kernel, fedora, enterprise_linux_desktop, enterprise_linux_for_ibm_z_systems, enterprise_linux_for_power_big_endian, enterprise_linux_for_power_little_endian, enterprise_linux_server, enterprise_linux_workstation, debian_linux, a250_firmware, 500f_firmware, c250_firmware

Risk scores

CVSS 3.1

Type
Primary
Base score
7.8
Impact score
5.9
Exploitability score
1.8
Vector string
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Known exploits

Data from CISA

Vulnerability name
Linux Kernel Use-After-Free Vulnerability
Exploit added on
May 30, 2024
Exploit action due
Jun 20, 2024
Required action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Weaknesses

cve-coordination@google.com
CWE-416
nvd@nist.gov
CWE-416

Social media

Hype score
Not currently trending

  1. ⚠️Múltiples vulnerabilidades en Palo Alto PAN-OS ❗CVE-2023-43804 ❗CVE-2024-1086 ❗CVE-2022-30633 ➡️Más info: https://t.co/FLWNYeGAm1 https://t.co/BjkAWmPsWl

    @CERTpy

    18 Jul 2025

    152 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CISA warns attackers are exploiting a critical Linux kernel flaw (CVE-2024-1086) to gain root access. Patch now—federal agencies must fix by June 20. Check your kernel version and mitigate ASAP. Details: https://t.co/4UiYqWzJcM

    @RedTeamNewsBlog

    18 Jun 2025

    36 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Fine supporto per Microsoft Office 2016 e 2019 e 9 vulnerabilità attivamente sfruttate Sicurezza Informatica, Apache Superset, Bug, cisa, CVE, CVE-2022-48618, CVE-2024-1086, fine supporto, ICS, Office 2016 fine supporto, Office 2019, Parker Hannifin, Phi… https://t.co/YS0JFApJV2

    @matricedigitale

    18 Apr 2025

    137 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. [1day1line] CVE-2024-1086: Use-After-Free Vulnerability in Linux Kernel Today's one-line issue is CVE-2024-1086 which is Use-After-Free Vulnerability in Linux Kernel. This vulnerability is a UAF vulnerability in the nf_tables component of netfilter. https://t.co/wSdKHxiWh1

    @hackyboiz

    12 Mar 2025

    1542 Impressions

    11 Retweets

    39 Likes

    14 Bookmarks

    0 Replies

    0 Quotes

  5. 🛠️Added new proof-of-concept for  CVE-2024-1086 vulnerability in use-after-free vulnerability in the Linux kernel's netfilter: nf_tables to #CyberSecFolio https://t.co/pzpaOHtUhF #infosec #cyber #security Vulnerability Description 👇 https://t.co/DBLpa2hwxw

    @gothburz

    6 Jan 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    1 Reply

    0 Quotes

Configurations

References

Sources include official advisories and independent security research.