### [CVE-2024-1086](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1086)
![](https://img.shields.io/static/v1?label=Product&message=Kernel&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=3.15%3C%206.8%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-416%20Use%20After%20Free&color=brighgreen)

### Description

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation.The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the nf_hook_slow() function can cause a double free vulnerability when NF_DROP is issued with a drop error which resembles NF_ACCEPT.We recommend upgrading past commit f342de4e2f33e0e39165d8639387aa6c19dff660.

### POC

#### Reference
- https://github.com/Notselwyn/CVE-2024-1086
- https://news.ycombinator.com/item?id=39828424
- https://pwning.tech/nftables/

#### Github
- https://github.com/0pts/0pts-bitpixie
- https://github.com/0xMarcio/cve
- https://github.com/0xsyr0/OSCP
- https://github.com/AMatheusFeitosaM/OSCP-Cheat
- https://github.com/ARGOeu-Metrics/secmon-probes
- https://github.com/AdamDanielHarris/awesome-stars
- https://github.com/Alicey0719/docker-POC_CVE-2024-1086
- https://github.com/AlvaroCaroFdez/IS-3.c.02-ACF
- https://github.com/Andromeda254/cve
- https://github.com/Anomaly-8/ZPOZAS_lab2
- https://github.com/BachoSeven/stellestelline
- https://github.com/CCIEVoice2009/CVE-2024-1086
- https://github.com/CHDevSec/RedPhaton
- https://github.com/Disturbante/Linux-Pentest
- https://github.com/EGI-Federation/SVG-advisories
- https://github.com/Faizan-Khanx/OSCP
- https://github.com/GhostTroops/TOP
- https://github.com/GonzaloPulido/UAC_Incidentes
- https://github.com/Hiimsonkul/Hiimsonkul
- https://github.com/HugoAPortela/Criando-Agente-Deteccao-Vulnerabilidades-Arquiteturas
- https://github.com/Jappie3/starred
- https://github.com/LLfam/CVE-2024-1086
- https://github.com/Maikefee/linux-exploit-hunter
- https://github.com/Mudoleto/URL_CODER
- https://github.com/Notselwyn/CVE-2024-1086
- https://github.com/Notselwyn/exploits
- https://github.com/Notselwyn/notselwyn
- https://github.com/PsychoH4x0r/Unknown1337-Auto-Root-
- https://github.com/ReflectedThanatos/OSCP-cheatsheet
- https://github.com/S3cur3Th1sSh1t/My-starred-Repositories
- https://github.com/SantoriuHen/NotesHck
- https://github.com/SenukDias/OSCP_cheat
- https://github.com/Snoopy-Sec/Localroot-ALL-CVE
- https://github.com/Technetium1/stars
- https://github.com/TigerIsMyPet/KernelExploit
- https://github.com/VishuGahlyan/OSCP
- https://github.com/Willenst/primitive
- https://github.com/YgorAlberto/ygoralberto.github.io
- https://github.com/Zombie-Kaiser/Zombie-Kaiser
- https://github.com/andigandhi/bitpixie
- https://github.com/aneasystone/github-trending
- https://github.com/aobakwewastaken/aobakwewastaken
- https://github.com/bfengj/Cloud-Security
- https://github.com/brimstone/stars
- https://github.com/bsauce/bsauce
- https://github.com/bsauce/kernel-exploit-factory
- https://github.com/bsauce/kernel-security-learning
- https://github.com/daphne97/daphne97
- https://github.com/exfilt/CheatSheet
- https://github.com/fazilbaig1/oscp
- https://github.com/feely666/CVE-2024-1086
- https://github.com/fireinrain/github-trending
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://github.com/garatc/bitpixie
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/iakat/stars
- https://github.com/inikhilgitd/Basic-Vulnerability-Scan-on-Your-PC
- https://github.com/jafshare/GithubTrending
- https://github.com/jetblk/Flipper-Zero-JavaScript
- https://github.com/jmfgd/cve_details
- https://github.com/johe123qwe/github-trending
- https://github.com/karim4353/CVE-2024-1086-Exploit
- https://github.com/karim4353/karim4353
- https://github.com/kevcooper/CVE-2024-1086-checker
- https://github.com/lobo360/iptables-ubuntu
- https://github.com/lykorix/CVE-Research
- https://github.com/makoto56/penetration-suite-toolkit
- https://github.com/martanne/bitpixie
- https://github.com/nisadevi11/Localroot-ALL-CVE
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/phixion/phixion
- https://github.com/rootkalilocalhost/CVE-2024-1086
- https://github.com/seekerzz/MyRSSSync
- https://github.com/tanjiti/sec_profile
- https://github.com/trganda/starrlist
- https://github.com/uhub/awesome-c
- https://github.com/unresolv/stars
- https://github.com/wuhanstudio/awesome-stars
- https://github.com/xairy/linux-kernel-exploitation
- https://github.com/xzx482/CVE-2024-1086
- https://github.com/yigitcantunay35/les-moders
- https://github.com/zhanpengliu-tencent/medium-cve
- https://github.com/zulloper/cve-poc