When will CVE-2024-1086 be patched?

I understand that this is not an issue for kernels above version 6.6 but what about Leap systems? I have a Leap system and I am concerned about its safety for daily use, as this computer is used by someone who does not particularly understand the implications of the problem or how bad this CVE is.

When will the Leap kernel be patched?

rpm -q --changelog kernel-default | grep -B4  '2024-1086'
- commit 7b3f4c4

* Di Feb 06 2024 denis.kirjanov@suse.com
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  (CVE-2024-1086 bsc#1219434).
--
- commit 7b3f4c4

* Di Feb 06 2024 denis.kirjanov@suse.com
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  (CVE-2024-1086 bsc#1219434).
--
- commit 7b3f4c4

* Di Feb 06 2024 denis.kirjanov@suse.com
- netfilter: nf_tables: reject QUEUE/DROP verdict parameters
  (CVE-2024-1086 bsc#1219434).

and this is for Leap right?

Yes. This was already fixed for Leap in february 2024. You can also check the relevant bugreport for this CVE…

zypper lp -a --cve=CVE-2024-1086

-a because it is already installed.

thank god, I have someone who matters dearly to me and their computer has leap on it. Thanks for helping!

just confirming, this is patched on Leap?

Only when the system manager of the system applied the update.

image

Typically when security bugs are made public, they have already been fixed.
All we need to do is keep our systems updated.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.