In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses).
This issue affects: https://pkg.go.dev/github.com/google/nftables@v0.1.0
The bug was fixed in the next released version: https://pkg.go.dev/github.com/google/nftables@v0.2.0
References
| Link | Resource |
|---|---|
| https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596 | Issue Tracking |
| https://github.com/crowdsecurity/cs-firewall-bouncer/issues/368 | Exploit Issue Tracking |
| https://github.com/google/nftables/issues/225 | Exploit Issue Tracking |
| https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596 | Issue Tracking |
| https://github.com/crowdsecurity/cs-firewall-bouncer/issues/368 | Exploit Issue Tracking |
| https://github.com/google/nftables/issues/225 | Exploit Issue Tracking |
Configurations
History
08 Sep 2025, 10:15
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-1389 CWE-1286 |
22 Jul 2025, 18:45
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | NVD-CWE-noinfo | |
| CPE | cpe:2.3:a:google:nftables:0.1.0:*:*:*:*:go:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.3 |
| First Time |
Google nftables
|
|
| References | () https://bugs.launchpad.net/ubuntu/+source/crowdsec-firewall-bouncer/+bug/2069596 - Issue Tracking | |
| References | () https://github.com/crowdsecurity/cs-firewall-bouncer/issues/368 - Exploit, Issue Tracking | |
| References | () https://github.com/google/nftables/issues/225 - Exploit, Issue Tracking |
Information
Published : 2024-07-03 23:15
Updated : 2025-09-08 10:15
NVD link : CVE-2024-6284
Mitre link : CVE-2024-6284
CVE.ORG link : CVE-2024-6284
JSON object : View
Products Affected
- nftables
CWE
CWE-1286
Improper Validation of Syntactic Correctness of Input
CWE-1389Incorrect Parsing of Numbers with Different Radices
NVD-CWE-noinfo