vulnerability
Ubuntu: (CVE-2024-6284): golang-github-google-nftables vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Jul 3, 2024 | Jun 26, 2025 | Sep 9, 2025 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Jul 3, 2024
Added
Jun 26, 2025
Modified
Sep 9, 2025
Description
In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses).
This issue affects: https://pkg.go.dev/github.com/google/[email protected]
The bug was fixed in the next released version: https://pkg.go.dev/github.com/google/[email protected]
Solution
no-fix-ubuntu-package
References
- CVE-2024-6284
- https://attackerkb.com/topics/CVE-2024-6284
- CWE-1286
- CWE-1389
- URL-https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596
- URL-https://github.com/crowdsecurity/cs-firewall-bouncer/issues/368
- URL-https://github.com/google/nftables/commit/d746ecb0e494e7200180c3886fde9664d9100729
- URL-https://github.com/google/nftables/issues/225
- URL-https://www.cve.org/CVERecord?id=CVE-2024-6284
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.