{"id":"CVE-2024-44944","summary":"netfilter: ctnetlink: use helper function to calculate expect ID","details":"In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use helper function to calculate expect ID\n\nDelete expectation path is missing a call to the nf_expect_get_id()\nhelper function to calculate the expectation ID, otherwise LSB of the\nexpectation object address is leaked to userspace.","modified":"2026-03-20T12:38:54.287623Z","published":"2024-08-30T07:56:41.693Z","related":["MGASA-2024-0309","MGASA-2024-0310","SUSE-SU-2024:3551-1","SUSE-SU-2024:3561-1","SUSE-SU-2024:3564-1","SUSE-SU-2024:3569-1","SUSE-SU-2024:3587-1","SUSE-SU-2024:3592-1","SUSE-SU-2025:20073-1","SUSE-SU-2025:20077-1"],"database_specific":{"cna_assigner":"Linux","osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/44xxx/CVE-2024-44944.json"},"references":[{"type":"WEB","url":"https://git.kernel.org/stable/c/24f407042cf90b0872de667460230d8d50c06c39"},{"type":"WEB","url":"https://git.kernel.org/stable/c/27662b46f2adaa52c1665a82af4b21c42c4337fd"},{"type":"WEB","url":"https://git.kernel.org/stable/c/5e2c24f7b0911b15c29aefce760bcf770542fb61"},{"type":"WEB","url":"https://git.kernel.org/stable/c/64c0b8e64be8368617ef08dfc59a3160563a1435"},{"type":"WEB","url":"https://git.kernel.org/stable/c/66e7650dbbb8e236e781c670b167edc81e771450"},{"type":"WEB","url":"https://git.kernel.org/stable/c/74de442b8e12a207c07953ee068009a7701aff8f"},{"type":"WEB","url":"https://git.kernel.org/stable/c/782161895eb4ac45cf7cfa8db375bd4766cb8299"},{"type":"WEB","url":"https://git.kernel.org/stable/c/eb4ca1a97e08ff5b920664ba292e576257e2d184"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2024/10/msg00003.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2025/01/msg00001.html"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/44xxx/CVE-2024-44944.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-44944"},{"type":"ADVISORY","url":"https://www.zerodayinitiative.com/advisories/ZDI-24-1182/"},{"type":"PACKAGE","url":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"7b115755fb9d3aff0ddcd18a5c4d83381362acce"},{"fixed":"66e7650dbbb8e236e781c670b167edc81e771450"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"3c79107631db1f7fd32cf3f7368e4672004a3010"},{"fixed":"64c0b8e64be8368617ef08dfc59a3160563a1435"},{"fixed":"eb4ca1a97e08ff5b920664ba292e576257e2d184"},{"fixed":"5e2c24f7b0911b15c29aefce760bcf770542fb61"},{"fixed":"24f407042cf90b0872de667460230d8d50c06c39"},{"fixed":"27662b46f2adaa52c1665a82af4b21c42c4337fd"},{"fixed":"74de442b8e12a207c07953ee068009a7701aff8f"},{"fixed":"782161895eb4ac45cf7cfa8db375bd4766cb8299"}]},{"type":"GIT","repo":"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git","events":[{"introduced":"0"},{"last_affected":"3d8b3d0384f709126beef6b917b7e97c23f18e74"},{"last_affected":"36bbd861a402a8c5bd8f0365a5967d34cc492f09"},{"last_affected":"1922476beeeea46bebbe577215078736dd4231dc"},{"last_affected":"f862c13c3c926d3008b2c2bcc746ab813108dfbf"},{"last_affected":"b0a90cae081d7ee14eaa46524fb70f4e23ae8905"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-44944.json"}}],"schema_version":"1.7.5"}