
CVE-2024-53141

UNKNOWN
Published 2024-12-06T09:37:02.009Z


No CVSS data available

Description

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: add missing range check in bitmap_ip_uadt

When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists,
the values of ip and ip_to are slightly swapped. Therefore, the range check
for ip should be done later, but this part is missing and it seems that the
vulnerability occurs.

So we should add missing range checks and remove unnecessary range checks.

Available Exploits

No exploits available for this CVE.

Related News

CVE-2024-53141: Linux Kernel Flaw Enables Privilege Escalation, PoC Releases

A security researcher published the technical details and a proof-of-concept exploit for a vulnerability in the Linux kernel—CVE-2024-53141, having a …

SecurityOnline.info 2025-04-18 00:52

Affected Products

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed HIGH

GHSA-9567-2gw8-p4p5

Advisory Details

In the Linux kernel, the following vulnerability has been resolved:

netfilter: ipset: add missing range check in bitmap_ip_uadt

When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values of ip and ip_to are slightly swapped. Therefore, the range check for ip should be done later, but this part is missing and it seems that the vulnerability occurs.

So we should add missing range checks and remove unnecessary range checks.

CVSS Scoring

CVSS Score

7.5

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Advisory provided by GitHub Security Advisory Database. Published: December 6, 2024, Modified: December 14, 2024

Social Media Intelligence

Real-time discussions and threat intelligence from social platforms

4 posts
Reddit 5 days, 2 hours ago
SSDisclosure

How a local privilege escalation in the Linux kernel’s netfilter ipset (CVE-2024-53141), caused by a missing range check, can be exploited to bypass KASLR and gain root access

Reddit 1 week, 2 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (14/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-53773](https://nvd.nist.gov/vuln/detail/CVE-2025-53773)** - 📝 GitHub Copilot and Visual Studio Remote Code Execution Vulnerability - 📅 **Published:** 12/08/2025 - 📈 **CVSS:** 7.8 - 🧭 **Vector:** CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C - 📣 **Mentions:** 10 - ⚠️ **Priority:** …

Reddit 1 week, 3 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (13/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2024-53141](https://nvd.nist.gov/vuln/detail/CVE-2024-53141)** - 📝 In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When tb[IPSET_ATTR_IP_TO] is not present but tb[IPSET_ATTR_CIDR] exists, the values …

Reddit 1 week, 4 days ago
crstux
Exploit

🔥 Top 10 Trending CVEs (12/08/2025) Here’s a quick breakdown of the 10 most interesting vulnerabilities trending today: **1. [CVE-2025-32724](https://nvd.nist.gov/vuln/detail/CVE-2025-32724)** - 📝 Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability - 📅 **Published:** 10/06/2025 - 📈 **CVSS:** 7.5 - 🧭 **Vector:** CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C - 📣 **Mentions:** 4 - ⚠️ …


References

Published: 2024-12-06T09:37:02.009Z
Last Modified: 2025-05-04T09:54:04.856Z