All the vulnerabilites related to Red Hat - Red Hat Enterprise Linux 8.8 Extended Update Support
cve-2024-1488
Vulnerability from cvelistv5
Published
2024-02-15 05:04
Modified
2024-11-13 14:45
Severity ?
EPSS score ?
Summary
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1750 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1751 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1780 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1801 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1802 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1804 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2587 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2696 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-1488 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2264183 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 1.16.2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1488", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-15T18:02:37.532018Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:22:53.092Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:40:21.182Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:1750", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1750" }, { "name": "RHSA-2024:1751", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1751" }, { "name": "RHSA-2024:1780", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1780" }, { "name": "RHSA-2024:1801", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "name": "RHSA-2024:1802", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1802" }, { "name": "RHSA-2024:1804", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "name": "RHSA-2024:2587", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "name": "RHSA-2024:2696", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-1488" }, { "name": "RHBZ#2264183", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://src.fedoraproject.org/rpms/unbound/", "defaultStatus": "unaffected", "packageName": "unbound", "versions": [ { "status": "affected", "version": "1.16.2" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.16.2-5.el8_9.6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-12.el8_2.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-12.el8_2.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-12.el8_2.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-15.el8_4.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-15.el8_4.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-15.el8_4.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.7.3-17.el8_6.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.16.2-5.el8_8.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.16.2-3.el9_3.5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.13.1-13.el9_0.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/a:redhat:rhel_eus:9.2::crb" ], "defaultStatus": "affected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.16.2-3.el9_2.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "unbound", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2024-02-13T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-15", "description": "External Control of System or Configuration Setting", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T14:45:55.751Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:1750", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1750" }, { "name": "RHSA-2024:1751", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1751" }, { "name": "RHSA-2024:1780", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1780" }, { "name": "RHSA-2024:1801", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1801" }, { "name": "RHSA-2024:1802", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1802" }, { "name": "RHSA-2024:1804", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1804" }, { "name": "RHSA-2024:2587", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2587" }, { "name": "RHSA-2024:2696", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2696" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-1488" }, { "name": "RHBZ#2264183", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183" } ], "timeline": [ { "lang": "en", "time": "2024-02-14T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-02-13T00:00:00+00:00", "value": "Made public." } ], "title": "Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-276-\u003eCWE-15: Incorrect Default Permissions leads to External Control of System or Configuration Setting" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-1488", "datePublished": "2024-02-15T05:04:13.994Z", "dateReserved": "2024-02-14T12:47:25.283Z", "dateUpdated": "2024-11-13T14:45:55.751Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-40551
Vulnerability from cvelistv5
Published
2024-01-29 16:46
Modified
2024-11-24 14:19
Severity ?
EPSS score ?
Summary
A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system's boot phase.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1834 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1835 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1873 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1876 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1883 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1902 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1903 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1959 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2086 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-40551 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2259918 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 7 |
Unaffected: 0:15.8-3.el7 < * cpe:/o:redhat:enterprise_linux:7::workstation cpe:/o:redhat:enterprise_linux:7::client cpe:/o:redhat:enterprise_linux:7::server |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-40551", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-25T16:31:11.138934Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:19:12.747Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T18:38:50.616Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:1834", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1834" }, { "name": "RHSA-2024:1835", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1835" }, { "name": "RHSA-2024:1873", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1873" }, { "name": "RHSA-2024:1876", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1876" }, { "name": "RHSA-2024:1883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1883" }, { "name": "RHSA-2024:1902", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1902" }, { "name": "RHSA-2024:1903", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1903" }, { "name": "RHSA-2024:1959", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1959" }, { "name": "RHSA-2024:2086", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2086" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-40551" }, { "name": "RHBZ#2259918", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/05/msg00009.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::client", "cpe:/o:redhat:enterprise_linux:7::server" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-3.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::client", "cpe:/o:redhat:enterprise_linux:7::server" ], "defaultStatus": "affected", "packageName": "shim-signed", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-1.el7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-4.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.2::baseos", "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.2::baseos", "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.2::baseos", "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "shim-unsigned-x64", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-4.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-3.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "shim-unsigned-aarch64", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "shim-unsigned-x64", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-2.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.2::baseos" ], "defaultStatus": "affected", "packageName": "shim", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:15.8-3.el9_2", "versionType": "rpm" } ] } ], "datePublic": "2024-01-23T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in the MZ binary format in Shim. An out-of-bounds read may occur, leading to a crash or possible exposure of sensitive data during the system\u0027s boot phase." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-24T14:19:30.770Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:1834", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1834" }, { "name": "RHSA-2024:1835", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1835" }, { "name": "RHSA-2024:1873", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1873" }, { "name": "RHSA-2024:1876", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1876" }, { "name": "RHSA-2024:1883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1883" }, { "name": "RHSA-2024:1902", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1902" }, { "name": "RHSA-2024:1903", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1903" }, { "name": "RHSA-2024:1959", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1959" }, { "name": "RHSA-2024:2086", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2086" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-40551" }, { "name": "RHBZ#2259918", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2259918" } ], "timeline": [ { "lang": "en", "time": "2023-07-26T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-01-23T00:00:00+00:00", "value": "Made public." } ], "title": "Shim: out of bounds read when parsing mz binaries", "x_redhatCweChain": "CWE-125: Out-of-bounds Read" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-40551", "datePublished": "2024-01-29T16:46:43.579Z", "dateReserved": "2023-08-15T20:04:15.616Z", "dateUpdated": "2024-11-24T14:19:30.770Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0553
Vulnerability from cvelistv5
Published
2024-01-16 11:40
Modified
2024-11-23 00:10
Severity ?
EPSS score ?
Summary
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:0533 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0627 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0796 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1082 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1108 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1383 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2094 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-0553 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2258412 | issue-tracking, x_refsource_REDHAT | |
https://gitlab.com/gnutls/gnutls/-/issues/1522 | ||
https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 3.8.0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T18:11:35.649Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/01/19/3" }, { "name": "RHSA-2024:0533", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "name": "RHSA-2024:0627", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0627" }, { "name": "RHSA-2024:0796", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0796" }, { "name": "RHSA-2024:1082", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1082" }, { "name": "RHSA-2024:1108", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1108" }, { "name": "RHSA-2024:1383", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-0553" }, { "name": "RHBZ#2258412", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258412" }, { "tags": [ "x_transferred" ], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1522" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/02/msg00010.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/" }, { "tags": [ "x_transferred" ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240202-0011/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://gnutls.org/download.html", "defaultStatus": "unaffected", "packageName": "gnutls", "versions": [ { "lessThan": "3.8.3", "status": "affected", "version": "3.8.0", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-8.el8_9.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-8.el8_9.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-5.el8_6.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-7.el8_8.2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-23.el9_3.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-23.el9_3.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-21.el9_2.2", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/cephcsi-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-37", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/mcg-core-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-68", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/mcg-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/mcg-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-39", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-client-console-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-58", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-client-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-client-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-13", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-metrics-exporter-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-81", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/ocs-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-79", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-cli-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-22", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-console-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-57", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-cosi-sidecar-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-csi-addons-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-csi-addons-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-15", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-csi-addons-sidecar-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-15", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-multicluster-console-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-54", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-multicluster-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-multicluster-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-10", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-must-gather-rhel9", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-26", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odf-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odr-cluster-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odr-hub-operator-bundle", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-158", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/odr-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-21", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:openshift_data_foundation:4.15::el9" ], "defaultStatus": "affected", "packageName": "odf4/rook-ceph-rhel9-operator", "product": "RHODF-4.15-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v4.15.0-103", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-22", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-11", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch6-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v6.8.1-407", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-proxy-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.0.0-479", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/eventrouter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.4.0-247", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/fluentd-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-5", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/log-file-metric-exporter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.1.0-227", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-curator5-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.1-470", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-loki-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v2.9.6-14", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-view-plugin-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-2", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-24", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-10", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/lokistack-gateway-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-525", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/opa-openshift-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-224", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/vector-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.28.1-56", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2024-01-16T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-203", "description": "Observable Discrepancy", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-23T00:10:16.608Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:0533", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0533" }, { "name": "RHSA-2024:0627", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0627" }, { "name": "RHSA-2024:0796", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0796" }, { "name": "RHSA-2024:1082", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1082" }, { "name": "RHSA-2024:1108", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1108" }, { "name": "RHSA-2024:1383", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1383" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-0553" }, { "name": "RHBZ#2258412", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258412" }, { "url": "https://gitlab.com/gnutls/gnutls/-/issues/1522" }, { "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html" } ], "timeline": [ { "lang": "en", "time": "2024-01-15T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-01-16T00:00:00+00:00", "value": "Made public." } ], "title": "Gnutls: incomplete fix for cve-2023-5981", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-1300-\u003eCWE-203: Improper Protection of Physical Side Channels leads to Observable Discrepancy" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-0553", "datePublished": "2024-01-16T11:40:50.677Z", "dateReserved": "2024-01-15T04:35:34.146Z", "dateUpdated": "2024-11-23T00:10:16.608Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3812
Vulnerability from cvelistv5
Published
2023-07-24 15:19
Modified
2024-11-15 16:30
Severity ?
EPSS score ?
Summary
An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:4.18.0-513.9.1.rt7.311.el8_9 < * cpe:/a:redhat:enterprise_linux:8::nfv cpe:/a:redhat:enterprise_linux:8::realtime |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:50.501Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:6799", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6799" }, { "name": "RHSA-2023:6813", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6813" }, { "name": "RHSA-2023:7370", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7370" }, { "name": "RHSA-2023:7379", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7379" }, { "name": "RHSA-2023:7382", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7382" }, { "name": "RHSA-2023:7389", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7389" }, { "name": "RHSA-2023:7411", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7411" }, { "name": "RHSA-2023:7418", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7418" }, { "name": "RHSA-2023:7548", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7548" }, { "name": "RHSA-2023:7549", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7549" }, { "name": "RHSA-2023:7554", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7554" }, { "name": "RHSA-2024:0340", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0340" }, { "name": "RHSA-2024:0378", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0378" }, { "name": "RHSA-2024:0412", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0412" }, { "name": "RHSA-2024:0461", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0461" }, { "name": "RHSA-2024:0554", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0554" }, { "name": "RHSA-2024:0562", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0562" }, { "name": "RHSA-2024:0563", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0563" }, { "name": "RHSA-2024:0575", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0575" }, { "name": "RHSA-2024:0593", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0593" }, { "name": "RHSA-2024:1961", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1961" }, { "name": "RHSA-2024:2006", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2006" }, { "name": "RHSA-2024:2008", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2008" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3812" }, { "name": "RHBZ#2224048", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224048" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::nfv", "cpe:/a:redhat:enterprise_linux:8::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.9.1.rt7.311.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.9.1.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.1::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.1::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-147.94.1.el8_1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.2::baseos", "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.2::nfv", "cpe:/a:redhat:rhel_tus:8.2::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.rt13.184.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.2::baseos", "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.2::baseos", "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.120.1.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::nfv", "cpe:/a:redhat:rhel_tus:8.4::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.120.1.rt7.196.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.120.1.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.120.1.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.4::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhev_hypervisor:4.4::el8" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.87.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-477.43.1.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.18.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.18.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-70.80.1.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::realtime", "cpe:/a:redhat:rhel_eus:9.0::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-70.80.1.rt21.151.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.0::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.40.1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::realtime", "cpe:/a:redhat:rhel_eus:9.2::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.40.1.rt14.325.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.2::baseos" ], "defaultStatus": "unaffected", "packageName": "kpatch-patch", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhev_hypervisor:4.4::el8" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.87.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "datePublic": "2022-10-22T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "An out-of-bounds memory access flaw was found in the Linux kernel\u2019s TUN/TAP device driver functionality in how a user generates a malicious (too big) networking packet when napi frags is enabled. This flaw allows a local user to crash or potentially escalate their privileges on the system." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T16:30:01.571Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:6799", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6799" }, { "name": "RHSA-2023:6813", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6813" }, { "name": "RHSA-2023:7370", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7370" }, { "name": "RHSA-2023:7379", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7379" }, { "name": "RHSA-2023:7382", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7382" }, { "name": "RHSA-2023:7389", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7389" }, { "name": "RHSA-2023:7411", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7411" }, { "name": "RHSA-2023:7418", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7418" }, { "name": "RHSA-2023:7548", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7548" }, { "name": "RHSA-2023:7549", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7549" }, { "name": "RHSA-2023:7554", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7554" }, { "name": "RHSA-2024:0340", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0340" }, { "name": "RHSA-2024:0378", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0378" }, { "name": "RHSA-2024:0412", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0412" }, { "name": "RHSA-2024:0461", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0461" }, { "name": "RHSA-2024:0554", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0554" }, { "name": "RHSA-2024:0562", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0562" }, { "name": "RHSA-2024:0563", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0563" }, { "name": "RHSA-2024:0575", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0575" }, { "name": "RHSA-2024:0593", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0593" }, { "name": "RHSA-2024:1961", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1961" }, { "name": "RHSA-2024:2006", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2006" }, { "name": "RHSA-2024:2008", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2008" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3812" }, { "name": "RHBZ#2224048", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2224048" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=363a5328f4b0" } ], "timeline": [ { "lang": "en", "time": "2023-07-19T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2022-10-22T00:00:00+00:00", "value": "Made public." } ], "title": "Kernel: tun: bugs for oversize packet when napi frags enabled in tun_napi_alloc_frags", "workarounds": [ { "lang": "en", "value": "To mitigate this issue, prevent the tun module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically." } ], "x_redhatCweChain": "(CWE-416|CWE-787): Use After Free or Out-of-bounds Write" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-3812", "datePublished": "2023-07-24T15:19:21.817Z", "dateReserved": "2023-07-20T13:02:44.826Z", "dateUpdated": "2024-11-15T16:30:01.571Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5367
Vulnerability from cvelistv5
Published
2023-10-25 19:46
Modified
2024-11-23 02:41
Severity ?
EPSS score ?
Summary
A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 7 |
Unaffected: 0:1.20.4-24.el7_9 < * cpe:/o:redhat:enterprise_linux:7::computenode cpe:/o:redhat:enterprise_linux:7::server cpe:/o:redhat:enterprise_linux:7::workstation cpe:/o:redhat:enterprise_linux:7::client |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:59:43.957Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:6802", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6802" }, { "name": "RHSA-2023:6808", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6808" }, { "name": "RHSA-2023:7373", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7373" }, { "name": "RHSA-2023:7388", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7388" }, { "name": "RHSA-2023:7405", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7405" }, { "name": "RHSA-2023:7428", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7428" }, { "name": "RHSA-2023:7436", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7436" }, { "name": "RHSA-2023:7526", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7526" }, { "name": "RHSA-2023:7533", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7533" }, { "name": "RHSA-2024:0010", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0010" }, { "name": "RHSA-2024:0128", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0128" }, { "name": "RHSA-2024:2169", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "name": "RHSA-2024:2170", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "name": "RHSA-2024:2995", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "name": "RHSA-2024:2996", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5367" }, { "name": "RHBZ#2243091", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243091" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2WS5E7H4A5J3U5YBCTMRPQVGWK5LVH7D/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3RK66CXMXO3PCPDU3GDY5FK4UYHUXQJT/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4YBK3I6SETHETBHDETFWM3VSZUQICIDV/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AKKIE626TZOOPD533EYN47J4RFNHZVOP/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HO2Q2NP6R62ZRQQG3XQ4AXUT7J2EKKKY/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L2RMNR4235YXZZQ2X7Q4MTOZDMZ7BBQU/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SEDJN4VFN57K5POOC7BNVD6L6WUUCSG6/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SN6KV4XGQJRVAOSM5C3CWMVAXO53COIP/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TJXNI4BXURC2BKPNAHFJK3C5ZETB7PER/" }, { "tags": [ "x_transferred" ], "url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html" }, { "tags": [ "x_transferred" ], "url": "https://security.gentoo.org/glsa/202401-30" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231130-0004/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5534" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7::computenode", "cpe:/o:redhat:enterprise_linux:7::server", "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::client" ], "defaultStatus": "affected", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.20.4-24.el7_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7::computenode", "cpe:/o:redhat:enterprise_linux:7::server", "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::client" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.8.0-26.el7_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.13.1-2.el8_9.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.20.11-22.el8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "xorg-x11-server-Xwayland", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:21.1.3-15.el8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.1::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.9.0-16.el8_1.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.9.0-15.el8_2.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.9.0-15.el8_2.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream", "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.9.0-15.el8_2.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-8.el8_4.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-8.el8_4.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-8.el8_4.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-6.el8_6.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-15.el8_8.1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.13.1-3.el9_3.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.20.11-24.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "xorg-x11-server-Xwayland", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:22.1.9-5.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-22.el9_0.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-14.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" } ], "datePublic": "2023-10-25T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-23T02:41:07.080Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:6802", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6802" }, { "name": "RHSA-2023:6808", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6808" }, { "name": "RHSA-2023:7373", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7373" }, { "name": "RHSA-2023:7388", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7388" }, { "name": "RHSA-2023:7405", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7405" }, { "name": "RHSA-2023:7428", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7428" }, { "name": "RHSA-2023:7436", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7436" }, { "name": "RHSA-2023:7526", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7526" }, { "name": "RHSA-2023:7533", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7533" }, { "name": "RHSA-2024:0010", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0010" }, { "name": "RHSA-2024:0128", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0128" }, { "name": "RHSA-2024:2169", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "name": "RHSA-2024:2170", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "name": "RHSA-2024:2995", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "name": "RHSA-2024:2996", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5367" }, { "name": "RHBZ#2243091", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243091" }, { "url": "https://lists.x.org/archives/xorg-announce/2023-October/003430.html" } ], "timeline": [ { "lang": "en", "time": "2023-10-03T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-10-25T00:00:00+00:00", "value": "Made public." } ], "title": "Xorg-x11-server: out-of-bounds write in xichangedeviceproperty/rrchangeoutputproperty", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-787: Out-of-bounds Write" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-5367", "datePublished": "2023-10-25T19:46:58.494Z", "dateReserved": "2023-10-03T19:20:29.874Z", "dateUpdated": "2024-11-23T02:41:07.080Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-1062
Vulnerability from cvelistv5
Published
2024-02-12 13:04
Modified
2024-12-04 14:20
Severity ?
EPSS score ?
Summary
A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1074 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1372 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3047 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4209 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4633 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:5690 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:7458 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-1062 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2256711 | ||
https://bugzilla.redhat.com/show_bug.cgi?id=2261879 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 1.4.3.0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-1062", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-22T18:08:45.921597Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:57.500Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T18:26:30.502Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:1074", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1074" }, { "name": "RHSA-2024:1372", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1372" }, { "name": "RHSA-2024:3047", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3047" }, { "name": "RHSA-2024:4209", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:4209" }, { "name": "RHSA-2024:4633", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:4633" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-1062" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711" }, { "name": "RHBZ#2261879", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://github.com/389ds/389-ds-base/", "defaultStatus": "unaffected", "packageName": "389-ds-base", "versions": [ { "lessThan": "2.2.*", "status": "affected", "version": "1.4.3.0", "versionType": "semver" }, { "lessThan": "*", "status": "unaffected", "version": "2.3.0", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:directory_server:11.7::el8" ], "defaultStatus": "affected", "packageName": "redhat-ds:11", "product": "Red Hat Directory Server 11.7 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020240306153507.f969626e", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:directory_server:11.8::el8" ], "defaultStatus": "affected", "packageName": "redhat-ds:11", "product": "Red Hat Directory Server 11.8 for RHEL 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020240606122459.91529cd0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:directory_server_eus:12.2::el9" ], "defaultStatus": "affected", "packageName": "redhat-ds:12", "product": "Red Hat Directory Server 12.2 EUS for RHEL 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9020020240916150035.1674d574", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "389-ds:1.4", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8100020240315011748.945b6f6d", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "389-ds:1.4", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020240213164457.824efc52", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "389-ds:1.4", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020240807050952.6dbb3803", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "389-ds-base", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:2.2.4-9.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:directory_server:12" ], "defaultStatus": "affected", "packageName": "redhat-ds:12/389-ds-base", "product": "Red Hat Directory Server 12", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "389-ds-base", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "389-ds-base", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "389-ds-base", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "datePublic": "2024-01-30T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A heap overflow flaw was found in 389-ds-base. This issue leads to a denial of service when writing a value larger than 256 chars in log_entry_attr." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-04T14:20:42.482Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:1074", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1074" }, { "name": "RHSA-2024:1372", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1372" }, { "name": "RHSA-2024:3047", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3047" }, { "name": "RHSA-2024:4209", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:4209" }, { "name": "RHSA-2024:4633", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:4633" }, { "name": "RHSA-2024:5690", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:5690" }, { "name": "RHSA-2024:7458", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:7458" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-1062" }, { "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256711" }, { "name": "RHBZ#2261879", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2261879" } ], "timeline": [ { "lang": "en", "time": "2024-01-30T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-01-30T00:00:00+00:00", "value": "Made public." } ], "title": "389-ds-base: a heap overflow leading to denail-of-servce while writing a value larger than 256 chars (in log_entry_attr)", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-1062", "datePublished": "2024-02-12T13:04:39.944Z", "dateReserved": "2024-01-30T08:40:08.731Z", "dateUpdated": "2024-12-04T14:20:42.482Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-28834
Vulnerability from cvelistv5
Published
2024-03-21 13:29
Modified
2024-11-25 02:45
Severity ?
EPSS score ?
Summary
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1784 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1879 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1997 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2044 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2570 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2889 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-28834 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2269228 | issue-tracking, x_refsource_REDHAT | |
https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html | ||
https://minerva.crocs.fi.muni.cz/ |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 3.7.6-23 |
||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-28834", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-03-21T18:20:34.669036Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:21:15.410Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T00:56:58.323Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/22/1" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2024/03/22/2" }, { "name": "RHSA-2024:1784", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1784" }, { "name": "RHSA-2024:1879", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1879" }, { "name": "RHSA-2024:1997", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1997" }, { "name": "RHSA-2024:2044", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2044" }, { "name": "RHSA-2024:2570", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2570" }, { "name": "RHSA-2024:2889", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2889" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-28834" }, { "name": "RHBZ#2269228", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228" }, { "tags": [ "x_transferred" ], "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html" }, { "tags": [ "x_transferred" ], "url": "https://minerva.crocs.fi.muni.cz/" }, { "tags": [ "x_transferred" ], "url": "https://people.redhat.com/~hkario/marvin/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240524-0004/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://gitlab.com/gnutls/gnutls/", "defaultStatus": "unaffected", "packageName": "gnutls", "versions": [ { "status": "affected", "version": "3.7.6-23" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-8.el8_9.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-8.el8_9.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-5.el8_6.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.6.16-7.el8_8.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-23.el9_3.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.8.3-4.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-23.el9_3.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.8.3-4.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.7.6-21.el9_2.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "gnutls", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2024-03-21T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-327", "description": "Use of a Broken or Risky Cryptographic Algorithm", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-25T02:45:53.454Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:1784", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1784" }, { "name": "RHSA-2024:1879", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1879" }, { "name": "RHSA-2024:1997", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1997" }, { "name": "RHSA-2024:2044", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2044" }, { "name": "RHSA-2024:2570", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2570" }, { "name": "RHSA-2024:2889", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2889" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-28834" }, { "name": "RHBZ#2269228", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228" }, { "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html" }, { "url": "https://minerva.crocs.fi.muni.cz/" } ], "timeline": [ { "lang": "en", "time": "2024-03-11T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-03-21T00:00:00+00:00", "value": "Made public." } ], "title": "Gnutls: vulnerable to minerva side-channel information leak", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-28834", "datePublished": "2024-03-21T13:29:11.532Z", "dateReserved": "2024-03-11T14:43:43.973Z", "dateUpdated": "2024-11-25T02:45:53.454Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-39418
Vulnerability from cvelistv5
Published
2023-08-11 12:19
Modified
2024-12-06 11:12
Severity ?
EPSS score ?
Summary
A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:7785 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7883 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7884 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7885 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-39418 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2228112 | issue-tracking, x_refsource_REDHAT | |
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229 | ||
https://www.postgresql.org/support/security/CVE-2023-39418/ |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 8090020231114113548.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream |
||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:10:20.651Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-39418" }, { "name": "RHBZ#2228112", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228112" }, { "tags": [ "x_transferred" ], "url": "https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230915-0002/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5553" }, { "tags": [ "x_transferred" ], "url": "https://www.postgresql.org/support/security/CVE-2023-39418/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-39418", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2023-12-19T19:31:10.818251Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-03T15:04:13.937Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231114113548.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231113134015.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9030020231120082734.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "postgresql:15", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "9020020231115020618.rhel9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:10/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:12/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "unaffected", "packageName": "postgresql:13/postgresql", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "unaffected", "packageName": "postgresql", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3" ], "defaultStatus": "unaffected", "packageName": "rh-postgresql10-postgresql", "product": "Red Hat Software Collections", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3" ], "defaultStatus": "unaffected", "packageName": "rh-postgresql12-postgresql", "product": "Red Hat Software Collections", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_software_collections:3" ], "defaultStatus": "unaffected", "packageName": "rh-postgresql13-postgresql", "product": "Red Hat Software Collections", "vendor": "Red Hat" } ], "datePublic": "2023-08-10T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in PostgreSQL with the use of the MERGE command, which fails to test new rows against row security policies defined for UPDATE and SELECT. If UPDATE and SELECT policies forbid some rows that INSERT policies do not forbid, a user could store such rows." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Low" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.1, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1220", "description": "Insufficient Granularity of Access Control", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-06T11:12:05.716Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:7785", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7785" }, { "name": "RHSA-2023:7883", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7883" }, { "name": "RHSA-2023:7884", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7884" }, { "name": "RHSA-2023:7885", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7885" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-39418" }, { "name": "RHBZ#2228112", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2228112" }, { "url": "https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cb2ae5741f2458a474ed3c31458d242e678ff229" }, { "url": "https://www.postgresql.org/support/security/CVE-2023-39418/" } ], "timeline": [ { "lang": "en", "time": "2023-08-01T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-08-10T00:00:00+00:00", "value": "Made public." } ], "title": "Postgresql: merge fails to enforce update or select row security policies", "x_redhatCweChain": "CWE-1220: Insufficient Granularity of Access Control" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-39418", "datePublished": "2023-08-11T12:19:15.819Z", "dateReserved": "2023-08-01T09:31:02.842Z", "dateUpdated": "2024-12-06T11:12:05.716Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-5824
Vulnerability from cvelistv5
Published
2023-11-03 07:56
Modified
2024-11-23 03:19
Severity ?
EPSS score ?
Summary
A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:7465 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7668 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0072 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0397 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0771 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0772 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0773 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1153 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-5824 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2245914 | issue-tracking, x_refsource_REDHAT | |
https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255 |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 8090020231130092412.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:14:24.068Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:7465", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7465" }, { "name": "RHSA-2023:7668", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7668" }, { "name": "RHSA-2024:0072", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0072" }, { "name": "RHSA-2024:0397", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0397" }, { "name": "RHSA-2024:0771", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0771" }, { "name": "RHSA-2024:0772", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0772" }, { "name": "RHSA-2024:0773", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0773" }, { "name": "RHSA-2024:1153", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1153" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5824" }, { "name": "RHBZ#2245914", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245914" }, { "tags": [ "x_transferred" ], "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20231130-0003/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231130092412.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020240122164331.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020240122164331.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream", "cpe:/a:redhat:rhel_e4s:8.2::appstream", "cpe:/a:redhat:rhel_tus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020240122164331.4cda2c84", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020240122165847.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020240122165847.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020240122165847.522a0ee4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231222131040.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "squid:4", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020231222130009.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "squid", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "7:5.5-6.el9_3.2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "squid", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "7:5.2-1.el9_0.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "squid", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "7:5.5-5.el9_2.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "affected", "packageName": "squid", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "affected", "packageName": "squid", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2023-10-19T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in Squid. The limits applied for validation of HTTP response headers are applied before caching. However, Squid may grow a cached HTTP response header beyond the configured maximum size, causing a stall or crash of the worker process when a large header is retrieved from the disk cache, resulting in a denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-755", "description": "Improper Handling of Exceptional Conditions", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-23T03:19:19.791Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:7465", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7465" }, { "name": "RHSA-2023:7668", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7668" }, { "name": "RHSA-2024:0072", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0072" }, { "name": "RHSA-2024:0397", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0397" }, { "name": "RHSA-2024:0771", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0771" }, { "name": "RHSA-2024:0772", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0772" }, { "name": "RHSA-2024:0773", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0773" }, { "name": "RHSA-2024:1153", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1153" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-5824" }, { "name": "RHBZ#2245914", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245914" }, { "url": "https://github.com/squid-cache/squid/security/advisories/GHSA-543m-w2m2-g255" } ], "timeline": [ { "lang": "en", "time": "2023-10-24T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-10-19T00:00:00+00:00", "value": "Made public." } ], "title": "Squid: dos against http and https", "workarounds": [ { "lang": "en", "value": "Disabling the disk caching mechanism will mitigate this vulnerability. To achieve this, remove all the \u0027cache_dir\u0027 directives from the Squid configuration, typically in the /etc/squid/squid.conf file." } ], "x_redhatCweChain": "CWE-755: Improper Handling of Exceptional Conditions" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-5824", "datePublished": "2023-11-03T07:56:36.369Z", "dateReserved": "2023-10-27T09:37:47.593Z", "dateUpdated": "2024-11-23T03:19:19.791Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6606
Vulnerability from cvelistv5
Published
2023-12-08 16:58
Modified
2024-11-15 15:14
Severity ?
EPSS score ?
Summary
An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:0723 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0725 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0881 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0897 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1188 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1248 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1404 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2094 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-6606 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.kernel.org/show_bug.cgi?id=218218 | ||
https://bugzilla.redhat.com/show_bug.cgi?id=2253611 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:4.18.0-513.18.1.rt7.320.el8_9 < * cpe:/a:redhat:enterprise_linux:8::nfv cpe:/a:redhat:enterprise_linux:8::realtime |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-6606", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2023-12-11T21:20:47.767463Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-11T14:22:01.806Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T08:35:14.877Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:0723", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0723" }, { "name": "RHSA-2024:0725", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0725" }, { "name": "RHSA-2024:0881", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0881" }, { "name": "RHSA-2024:0897", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0897" }, { "name": "RHSA-2024:1188", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1188" }, { "name": "RHSA-2024:1248", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1248" }, { "name": "RHSA-2024:1404", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1404" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-6606" }, { "tags": [ "x_transferred" ], "url": "https://bugzilla.kernel.org/show_bug.cgi?id=218218" }, { "name": "RHBZ#2253611", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253611" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::nfv", "cpe:/a:redhat:enterprise_linux:8::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.18.1.rt7.320.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.18.1.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.95.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::crb", "cpe:/o:redhat:rhel_eus:8.8::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-477.51.1.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.24.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.24.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.52.1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::nfv", "cpe:/a:redhat:rhel_eus:9.2::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.52.1.rt14.337.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.95.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-22", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-11", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch6-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v6.8.1-407", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-proxy-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.0.0-479", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/eventrouter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.4.0-247", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/fluentd-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-5", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/log-file-metric-exporter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.1.0-227", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-curator5-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.1-470", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-loki-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v2.9.6-14", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-view-plugin-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-2", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-24", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-10", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/lokistack-gateway-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-525", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/opa-openshift-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-224", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/vector-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.28.1-56", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "datePublic": "2023-12-04T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local attacker to crash the system or leak internal kernel information." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-125", "description": "Out-of-bounds Read", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:14:05.240Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:0723", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0723" }, { "name": "RHSA-2024:0725", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0725" }, { "name": "RHSA-2024:0881", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0881" }, { "name": "RHSA-2024:0897", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0897" }, { "name": "RHSA-2024:1188", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1188" }, { "name": "RHSA-2024:1248", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1248" }, { "name": "RHSA-2024:1404", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1404" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-6606" }, { "url": "https://bugzilla.kernel.org/show_bug.cgi?id=218218" }, { "name": "RHBZ#2253611", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253611" } ], "timeline": [ { "lang": "en", "time": "2023-12-08T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-12-04T00:00:00+00:00", "value": "Made public." } ], "title": "Kernel: out-of-bounds read vulnerability in smbcalcsize", "workarounds": [ { "lang": "en", "value": "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically." } ], "x_redhatCweChain": "CWE-125: Out-of-bounds Read" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-6606", "datePublished": "2023-12-08T16:58:08.746Z", "dateReserved": "2023-12-08T07:45:03.358Z", "dateUpdated": "2024-11-15T15:14:05.240Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3183
Vulnerability from cvelistv5
Published
2024-06-12 08:18
Modified
2024-09-16 19:35
Severity ?
EPSS score ?
Summary
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password.
If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password).
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:3754 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3755 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3756 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3757 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3758 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3759 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3760 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3761 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3775 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-3183 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2270685 | issue-tracking, x_refsource_REDHAT | |
https://www.freeipa.org/release-notes/4-12-1.html |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 7 |
Unaffected: 0:4.6.8-5.el7_9.17 < * cpe:/o:redhat:enterprise_linux:7::workstation cpe:/o:redhat:enterprise_linux:7::computenode cpe:/o:redhat:enterprise_linux:7::server cpe:/o:redhat:enterprise_linux:7::client |
||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-3183", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-06-12T13:41:24.168315Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-12T13:43:10.079Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T20:05:07.630Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:3754", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3754" }, { "name": "RHSA-2024:3755", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3755" }, { "name": "RHSA-2024:3756", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3756" }, { "name": "RHSA-2024:3757", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3757" }, { "name": "RHSA-2024:3758", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3758" }, { "name": "RHSA-2024:3759", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3759" }, { "name": "RHSA-2024:3760", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3760" }, { "name": "RHSA-2024:3761", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3761" }, { "name": "RHSA-2024:3775", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3775" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-3183" }, { "name": "RHBZ#2270685", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270685" }, { "tags": [ "x_transferred" ], "url": "https://www.freeipa.org/release-notes/4-12-1.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WT3JL7JQDIAFKKEFARWYES7GZNWGQNCI/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7::workstation", "cpe:/o:redhat:enterprise_linux:7::computenode", "cpe:/o:redhat:enterprise_linux:7::server", "cpe:/o:redhat:enterprise_linux:7::client" ], "defaultStatus": "affected", "packageName": "ipa", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.6.8-5.el7_9.17", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8100020240528133707.823393f5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8020020240530191103.792f4060", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020240528055121.5b01ab7e", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020240528055121.5b01ab7e", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8040020240528055121.5b01ab7e", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020240530061719.ada582f1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020240530061719.ada582f1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020240530061719.ada582f1", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "idm:DL1", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020240530051744.b0a6ceea", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb" ], "defaultStatus": "affected", "packageName": "ipa", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.11.0-15.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "ipa", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.9.8-11.el9_0.3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "ipa", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.10.1-12.el9_2.2", "versionType": "rpm" } ] } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Mikhail Sukhov for reporting this issue." } ], "datePublic": "2024-06-10T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client\u2019s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user\u2019s password.\r\n\r\nIf a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal\u2019s password)." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-916", "description": "Use of Password Hash With Insufficient Computational Effort", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-16T19:35:31.472Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:3754", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3754" }, { "name": "RHSA-2024:3755", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3755" }, { "name": "RHSA-2024:3756", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3756" }, { "name": "RHSA-2024:3757", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3757" }, { "name": "RHSA-2024:3758", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3758" }, { "name": "RHSA-2024:3759", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3759" }, { "name": "RHSA-2024:3760", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3760" }, { "name": "RHSA-2024:3761", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3761" }, { "name": "RHSA-2024:3775", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3775" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-3183" }, { "name": "RHBZ#2270685", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270685" }, { "url": "https://www.freeipa.org/release-notes/4-12-1.html" } ], "timeline": [ { "lang": "en", "time": "2024-03-21T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-06-10T00:00:00+00:00", "value": "Made public." } ], "title": "Freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force", "workarounds": [ { "lang": "en", "value": "To mitigate this vulnerability, ticket requests to user principals are now disallowed in FreeIPA realms by default. This will keep attackers from obtaining data encrypted with the user key directly." } ], "x_redhatCweChain": "CWE-916: Use of Password Hash With Insufficient Computational Effort" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-3183", "datePublished": "2024-06-12T08:18:51.691Z", "dateReserved": "2024-04-02T09:48:54.404Z", "dateUpdated": "2024-09-16T19:35:31.472Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3019
Vulnerability from cvelistv5
Published
2023-07-24 15:19
Modified
2024-12-03 15:26
Severity ?
EPSS score ?
Summary
A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:0135 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0404 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0569 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2135 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-3019 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2222351 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 8090020231206155326.a75119d5 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T06:41:04.074Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:0135", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0135" }, { "name": "RHSA-2024:0404", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0404" }, { "name": "RHSA-2024:0569", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0569" }, { "name": "RHSA-2024:2135", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2135" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3019" }, { "name": "RHBZ#2222351", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222351" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230831-0005/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-3019", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-12-03T15:26:38.315489Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-03T15:26:51.793Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb" ], "defaultStatus": "affected", "packageName": "virt-devel:rhel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231206155326.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb" ], "defaultStatus": "affected", "packageName": "virt:rhel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8090020231206155326.a75119d5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream", "cpe:/a:redhat:rhel_eus:8.6::crb" ], "defaultStatus": "affected", "packageName": "virt-devel:rhel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231128234847.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream", "cpe:/a:redhat:rhel_eus:8.6::crb" ], "defaultStatus": "affected", "packageName": "virt:rhel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8060020231128234847.ad008a3a", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::crb", "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "virt-devel:rhel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020240116113044.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::crb", "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "virt:rhel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "8080020240116113044.63b34585", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "qemu-kvm", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "17:8.2.0-11.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "qemu-kvm", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "qemu-kvm", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "qemu-kvm-ma", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:advanced_virtualization:8::el8" ], "defaultStatus": "affected", "packageName": "virt:av/qemu-kvm", "product": "Red Hat Enterprise Linux 8 Advanced Virtualization", "vendor": "Red Hat" } ], "datePublic": "2023-06-01T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A DMA reentrancy issue leading to a use-after-free error was found in the e1000e NIC emulation code in QEMU. This issue could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-416", "description": "Use After Free", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T16:25:40.794Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:0135", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0135" }, { "name": "RHSA-2024:0404", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0404" }, { "name": "RHSA-2024:0569", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0569" }, { "name": "RHSA-2024:2135", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2135" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3019" }, { "name": "RHBZ#2222351", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222351" } ], "timeline": [ { "lang": "en", "time": "2023-07-12T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-06-01T00:00:00+00:00", "value": "Made public." } ], "title": "Qemu: e1000e: heap use-after-free in e1000e_write_packet_to_guest()", "x_redhatCweChain": "CWE-416: Use After Free" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-3019", "datePublished": "2023-07-24T15:19:19.804Z", "dateReserved": "2023-05-31T14:08:11.910Z", "dateUpdated": "2024-12-03T15:26:51.793Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-34966
Vulnerability from cvelistv5
Published
2023-07-20 14:56
Modified
2024-11-22 23:28
Severity ?
EPSS score ?
Summary
An infinite loop vulnerability was found in Samba's mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:6667 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7139 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0423 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0580 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:4101 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-34966 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2222793 | issue-tracking, x_refsource_REDHAT | |
https://www.samba.org/samba/security/CVE-2023-34966 |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:4.18.6-1.el8 < * cpe:/o:redhat:enterprise_linux:8::baseos cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream |
||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:17:04.256Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2023:6667", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6667" }, { "name": "RHSA-2023:7139", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7139" }, { "name": "RHSA-2024:0423", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0423" }, { "name": "RHSA-2024:0580", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0580" }, { "name": "RHSA-2024:4101", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:4101" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-34966" }, { "name": "RHBZ#2222793", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222793" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/" }, { "tags": [ "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OT74M42E6C36W7PQVY3OS4ZM7DVYB64Z/" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20230731-0010/" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5477" }, { "tags": [ "x_transferred" ], "url": "https://www.samba.org/samba/security/CVE-2023-34966" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.6-1.el8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.6-1.el8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/a:redhat:rhel_eus:8.6::appstream", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.15.5-15.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::crb", "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.17.5-5.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::resilientstorage" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.6-100.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::resilientstorage" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.6-100.el9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/a:redhat:rhel_eus:9.2::resilientstorage" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.17.5-105.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/a:redhat:rhel_eus:8.6::appstream", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.15.5-15.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "samba", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "samba4", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "samba", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:storage:3" ], "defaultStatus": "affected", "packageName": "samba", "product": "Red Hat Storage 3", "vendor": "Red Hat" } ], "datePublic": "2023-07-19T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "An infinite loop vulnerability was found in Samba\u0027s mdssvc RPC service for Spotlight. When parsing Spotlight mdssvc RPC packets sent by the client, the core unmarshalling function sl_unpack_loop() did not validate a field in the network packet that contains the count of elements in an array-like structure. By passing 0 as the count value, the attacked function will run in an endless loop consuming 100% CPU. This flaw allows an attacker to issue a malformed RPC request, triggering an infinite loop, resulting in a denial of service condition." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-835", "description": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-22T23:28:53.308Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:6667", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6667" }, { "name": "RHSA-2023:7139", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7139" }, { "name": "RHSA-2024:0423", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0423" }, { "name": "RHSA-2024:0580", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0580" }, { "name": "RHSA-2024:4101", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:4101" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-34966" }, { "name": "RHBZ#2222793", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222793" }, { "url": "https://www.samba.org/samba/security/CVE-2023-34966" } ], "timeline": [ { "lang": "en", "time": "2023-07-13T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-07-19T00:00:00+00:00", "value": "Made public." } ], "title": "Samba: infinite loop in mdssvc rpc service for spotlight", "workarounds": [ { "lang": "en", "value": "As a possible workaround, disable Spotlight by removing all configuration stanzas (\"spotlight=yes|true\") that enable Spotlight ." } ], "x_redhatCweChain": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-34966", "datePublished": "2023-07-20T14:56:14.644Z", "dateReserved": "2023-06-07T21:11:04.261Z", "dateUpdated": "2024-11-22T23:28:53.308Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-3772
Vulnerability from cvelistv5
Published
2023-07-25 15:47
Modified
2024-11-15 16:29
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel’s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2023:6583 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:6901 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2023:7077 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0412 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0575 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-3772 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2218943 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:4.18.0-513.5.1.rt7.307.el8_9 < * cpe:/a:redhat:enterprise_linux:8::realtime cpe:/a:redhat:enterprise_linux:8::nfv |
||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T07:08:49.645Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/10/1" }, { "tags": [ "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2023/08/10/3" }, { "name": "RHSA-2023:6583", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6583" }, { "name": "RHSA-2023:6901", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:6901" }, { "name": "RHSA-2023:7077", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2023:7077" }, { "name": "RHSA-2024:0412", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0412" }, { "name": "RHSA-2024:0575", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0575" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3772" }, { "name": "RHBZ#2218943", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00027.html" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00004.html" }, { "tags": [ "x_transferred" ], "url": "https://www.debian.org/security/2023/dsa-5492" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::realtime", "cpe:/a:redhat:enterprise_linux:8::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.5.1.rt7.307.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.5.1.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.87.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-477.43.1.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.8.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.8.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.87.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Lin Ma (ZJU \u0026 Ant Security Light-Year Lab) for reporting this issue." } ], "datePublic": "2023-07-21T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux kernel\u2019s IP framework for transforming packets (XFRM subsystem). This issue may allow a malicious user with CAP_NET_ADMIN privileges to directly dereference a NULL pointer in xfrm_update_ae_params(), leading to a possible kernel crash and denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T16:29:22.992Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2023:6583", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6583" }, { "name": "RHSA-2023:6901", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:6901" }, { "name": "RHSA-2023:7077", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2023:7077" }, { "name": "RHSA-2024:0412", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0412" }, { "name": "RHSA-2024:0575", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0575" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-3772" }, { "name": "RHBZ#2218943", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2218943" } ], "timeline": [ { "lang": "en", "time": "2023-06-29T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-07-21T00:00:00+00:00", "value": "Made public." } ], "title": "Kernel: xfrm: null pointer dereference in xfrm_update_ae_params()", "x_redhatCweChain": "CWE-476: NULL Pointer Dereference" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-3772", "datePublished": "2023-07-25T15:47:40.183Z", "dateReserved": "2023-07-19T13:55:07.799Z", "dateUpdated": "2024-11-15T16:29:22.992Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-3019
Vulnerability from cvelistv5
Published
2024-03-28 18:32
Modified
2024-11-24 15:41
Severity ?
EPSS score ?
Summary
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:2566 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3264 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3321 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3322 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3323 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3324 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3325 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3392 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-3019 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2271898 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 4.3.4 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-3019", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-04-25T19:20:31.653267Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:32:49.182Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-01T19:32:42.516Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:2566", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2566" }, { "name": "RHSA-2024:3264", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3264" }, { "name": "RHSA-2024:3321", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3321" }, { "name": "RHSA-2024:3322", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3322" }, { "name": "RHSA-2024:3323", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3323" }, { "name": "RHSA-2024:3324", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3324" }, { "name": "RHSA-2024:3325", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3325" }, { "name": "RHSA-2024:3392", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3392" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-3019" }, { "name": "RHBZ#2271898", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271898" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://github.com/performancecopilot/pcp/", "defaultStatus": "unaffected", "packageName": "pcp", "versions": [ { "lessThan": "*", "status": "affected", "version": "4.3.4", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.7-20.el8_10", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.0.2-8.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.2.5-7.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.2.5-7.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.2.5-7.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.5-9.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.7-18.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.2.0-2.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.5-9.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.1-6.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Jihwan Yoon (NAVER Cloud Security Analysis) for reporting this issue." } ], "datePublic": "2024-03-27T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the \u0027Metrics settings\u0027 page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-668", "description": "Exposure of Resource to Wrong Sphere", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-24T15:41:29.846Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:2566", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2566" }, { "name": "RHSA-2024:3264", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3264" }, { "name": "RHSA-2024:3321", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3321" }, { "name": "RHSA-2024:3322", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3322" }, { "name": "RHSA-2024:3323", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3323" }, { "name": "RHSA-2024:3324", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3324" }, { "name": "RHSA-2024:3325", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3325" }, { "name": "RHSA-2024:3392", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3392" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-3019" }, { "name": "RHBZ#2271898", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271898" } ], "timeline": [ { "lang": "en", "time": "2024-03-27T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-03-27T00:00:00+00:00", "value": "Made public." } ], "title": "Pcp: exposure of the redis server backend allows remote command execution via pmproxy", "workarounds": [ { "lang": "en", "value": "To mitigate this flaw, stop and disable the pmproxy.service or disable the Redis server backend via the pmproxy configuration file.\n\nTo stop and disable the pmproxy.service, run the following command:\n~~~\n# systemctl disable --now pmproxy.service\n~~~\n\nTo disable the Redis backend server via the pmproxy configuration file:\n~~~\n# sed -i \u0027s/redis.enabled = true/redis.enabled = false/g\u0027 /etc/pcp/pmproxy/pmproxy.conf\n# systemctl restart pmproxy.service\n~~~" } ], "x_redhatCweChain": "CWE-668: Exposure of Resource to Wrong Sphere" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-3019", "datePublished": "2024-03-28T18:32:43.298Z", "dateReserved": "2024-03-27T17:41:16.708Z", "dateUpdated": "2024-11-24T15:41:29.846Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-7192
Vulnerability from cvelistv5
Published
2024-01-02 19:02
Modified
2024-11-24 12:00
Severity ?
EPSS score ?
Summary
A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support |
Unaffected: 0:4.18.0-193.133.1.el8_2 < * cpe:/o:redhat:rhel_tus:8.2::baseos cpe:/o:redhat:rhel_e4s:8.2::baseos cpe:/o:redhat:rhel_aus:8.2::baseos |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T08:57:34.101Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:0723", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0723" }, { "name": "RHSA-2024:0725", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0725" }, { "name": "RHSA-2024:1188", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1188" }, { "name": "RHSA-2024:1250", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1250" }, { "name": "RHSA-2024:1306", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1306" }, { "name": "RHSA-2024:1367", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1367" }, { "name": "RHSA-2024:1382", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1382" }, { "name": "RHSA-2024:1404", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1404" }, { "name": "RHSA-2024:2006", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2006" }, { "name": "RHSA-2024:2008", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2008" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-7192" }, { "name": "RHBZ#2256279", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256279" }, { "tags": [ "x_transferred" ], "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-7192", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-01-16T19:33:50.679311Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-14T19:11:30.973Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos", "cpe:/o:redhat:rhel_aus:8.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.2::realtime", "cpe:/a:redhat:rhel_tus:8.2::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.rt13.184.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos", "cpe:/o:redhat:rhel_aus:8.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_tus:8.2::baseos", "cpe:/o:redhat:rhel_e4s:8.2::baseos", "cpe:/o:redhat:rhel_aus:8.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-193.133.1.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.125.1.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::realtime", "cpe:/a:redhat:rhel_tus:8.4::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.125.1.rt7.201.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.125.1.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_e4s:8.4::baseos", "cpe:/o:redhat:rhel_tus:8.4::baseos", "cpe:/o:redhat:rhel_aus:8.4::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-305.125.1.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.95.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::crb", "cpe:/o:redhat:rhel_eus:8.8::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-477.51.1.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.0::baseos", "cpe:/a:redhat:rhel_eus:9.0::crb", "cpe:/a:redhat:rhel_eus:9.0::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-70.93.2.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.0::realtime", "cpe:/a:redhat:rhel_eus:9.0::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.0 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-70.93.1.rt21.165.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.52.1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::nfv", "cpe:/a:redhat:rhel_eus:9.2::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.52.1.rt14.337.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.95.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "datePublic": "2023-02-10T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A memory leak problem was found in ctnetlink_create_conntrack in net/netfilter/nf_conntrack_netlink.c in the Linux Kernel. This issue may allow a local attacker with CAP_NET_ADMIN privileges to cause a denial of service (DoS) attack due to a refcount overflow." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-401", "description": "Missing Release of Memory after Effective Lifetime", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-24T12:00:34.316Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:0723", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0723" }, { "name": "RHSA-2024:0725", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0725" }, { "name": "RHSA-2024:1188", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1188" }, { "name": "RHSA-2024:1250", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1250" }, { "name": "RHSA-2024:1306", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1306" }, { "name": "RHSA-2024:1367", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1367" }, { "name": "RHSA-2024:1382", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1382" }, { "name": "RHSA-2024:1404", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1404" }, { "name": "RHSA-2024:2006", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2006" }, { "name": "RHSA-2024:2008", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2008" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-7192" }, { "name": "RHBZ#2256279", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256279" }, { "url": "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net.git/commit/?id=ac4893980bbe79ce383daf9a0885666a30fe4c83" } ], "timeline": [ { "lang": "en", "time": "2023-09-13T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-02-10T00:00:00+00:00", "value": "Made public." } ], "title": "Kernel: refcount leak in ctnetlink_create_conntrack()", "workarounds": [ { "lang": "en", "value": "Triggering this issue requires the ability to create user/net namespaces.\n\nOn non-containerized deployments of Red Hat Enterprise Linux 8, you can disable user namespaces by setting user.max_user_namespaces to 0:\n\n# echo \"user.max_user_namespaces=0\" \u003e /etc/sysctl.d/userns.conf\n# sysctl -p /etc/sysctl.d/userns.conf\n\nOn containerized deployments, such as Red Hat OpenShift Container Platform, do not use this mitigation as the functionality is needed to be enabled.\n\nAlternatively, skip loading the affected netfilter module (i.e., nf_conntrack_netlink) onto the system until we have a fix available. This can be done by a blacklist mechanism which will ensure the driver is not loaded at boot time.\n~~~\nHow do I blacklist a kernel module to prevent it from loading automatically?\nhttps://access.redhat.com/solutions/41278 \n~~~" } ], "x_redhatCweChain": "CWE-401: Missing Release of Memory after Effective Lifetime" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-7192", "datePublished": "2024-01-02T19:02:45.371Z", "dateReserved": "2023-12-30T18:12:05.167Z", "dateUpdated": "2024-11-24T12:00:34.316Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0565
Vulnerability from cvelistv5
Published
2024-01-15 20:02
Modified
2024-11-15 15:27
Severity ?
EPSS score ?
Summary
An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1188 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1404 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1532 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1533 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1607 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1614 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2093 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2394 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-0565 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2258518 | issue-tracking, x_refsource_REDHAT | |
https://www.spinics.net/lists/stable-commits/msg328851.html |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T18:11:35.146Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:1188", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1188" }, { "name": "RHSA-2024:1404", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1404" }, { "name": "RHSA-2024:1532", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1532" }, { "name": "RHSA-2024:1533", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1533" }, { "name": "RHSA-2024:1607", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1607" }, { "name": "RHSA-2024:1614", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1614" }, { "name": "RHSA-2024:2093", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "name": "RHSA-2024:2394", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2394" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-0565" }, { "name": "RHBZ#2258518", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00017.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240223-0002/" }, { "tags": [ "x_transferred" ], "url": "https://www.spinics.net/lists/stable-commits/msg328851.html" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel", "defaultStatus": "unaffected", "packageName": "kernel", "versions": [ { "lessThan": "6.7-rc6", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::realtime", "cpe:/a:redhat:enterprise_linux:8::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.24.1.rt7.326.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.24.1.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.95.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-477.51.1.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-427.13.1.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-427.13.1.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream", "cpe:/o:redhat:rhel_eus:9.2::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.59.1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::nfv", "cpe:/a:redhat:rhel_eus:9.2::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.59.1.rt14.344.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhev_hypervisor:4.4::el8", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.95.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-operator-bundle", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-16", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-rhel8-operator", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch6-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v6.8.1-408", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-operator-bundle", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-proxy-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.0.0-480", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-rhel8-operator", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-9", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/eventrouter-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.4.0-248", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/fluentd-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.14.6-215", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/kibana6-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v6.8.1-431", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/log-file-metric-exporter-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.1.0-228", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-curator5-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.1-471", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-loki-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v2.9.6-15", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-view-plugin-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-3", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-operator-bundle", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-27", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-rhel8-operator", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.7.13-12", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/lokistack-gateway-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-527", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/opa-openshift-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-225", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.7::el8" ], "defaultStatus": "affected", "packageName": "openshift-logging/vector-rhel8", "product": "RHOL-5.7-RHEL-8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.28.1-57", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "datePublic": "2023-12-18T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "ADJACENT_NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-191", "description": "Integer Underflow (Wrap or Wraparound)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:27:39.597Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:1188", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1188" }, { "name": "RHSA-2024:1404", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1404" }, { "name": "RHSA-2024:1532", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1532" }, { "name": "RHSA-2024:1533", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1533" }, { "name": "RHSA-2024:1607", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1607" }, { "name": "RHSA-2024:1614", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1614" }, { "name": "RHSA-2024:2093", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2093" }, { "name": "RHSA-2024:2394", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2394" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-0565" }, { "name": "RHBZ#2258518", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258518" }, { "url": "https://www.spinics.net/lists/stable-commits/msg328851.html" } ], "timeline": [ { "lang": "en", "time": "2024-01-15T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-12-18T00:00:00+00:00", "value": "Made public." } ], "title": "Kernel: cifs filesystem decryption improper input validation remote code execution vulnerability in function receive_encrypted_standard of client", "workarounds": [ { "lang": "en", "value": "To mitigate this issue, prevent module cifs from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically." } ], "x_redhatCweChain": "CWE-191: Integer Underflow (Wrap or Wraparound)" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-0565", "datePublished": "2024-01-15T20:02:02.639Z", "dateReserved": "2024-01-15T19:19:12.076Z", "dateUpdated": "2024-11-15T15:27:39.597Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-9632
Vulnerability from cvelistv5
Published
2024-10-30 07:42
Modified
2024-12-26 14:22
Severity ?
EPSS score ?
Summary
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 1.1.1 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-10-31T19:02:24.167Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/10/29/2" }, { "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00031.html" }, { "url": "http://seclists.org/fulldisclosure/2024/Oct/20" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2024-9632", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-30T13:34:32.792082Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-30T13:35:19.624Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/", "defaultStatus": "unaffected", "packageName": "xorg-server", "versions": [ { "lessThan": "21.1.14", "status": "affected", "version": "1.1.1", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_els:7" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.8.0-34.el7_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.20.11-25.el8_10", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "xorg-x11-server-Xwayland", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:21.1.3-17.el8_10", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.13.1-14.el8_10", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.9.0-15.el8_2.12", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-8.el8_4.11", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-8.el8_4.11", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-8.el8_4.11", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-6.el8_6.12", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-6.el8_6.12", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-6.el8_6.12", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-15.el8_8.11", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.14.1-1.el9_5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:9.0::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.11.0-22.el9_0.12", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.12.0-14.el9_2.9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::appstream" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.13.1-8.el9_4.4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "affected", "packageName": "tigervnc", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "xorg-x11-server", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "xorg-x11-server-Xwayland", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "datePublic": "2024-10-29T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Important" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-122", "description": "Heap-based Buffer Overflow", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-26T14:22:23.947Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:10090", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:10090" }, { "name": "RHSA-2024:8798", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:8798" }, { "name": "RHSA-2024:9540", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9540" }, { "name": "RHSA-2024:9579", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9579" }, { "name": "RHSA-2024:9601", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9601" }, { "name": "RHSA-2024:9690", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9690" }, { "name": "RHSA-2024:9816", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9816" }, { "name": "RHSA-2024:9818", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9818" }, { "name": "RHSA-2024:9819", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9819" }, { "name": "RHSA-2024:9820", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9820" }, { "name": "RHSA-2024:9901", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9901" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-9632" }, { "name": "RHBZ#2317233", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317233" } ], "timeline": [ { "lang": "en", "time": "2024-10-08T13:37:25.514000+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-10-29T00:00:00+00:00", "value": "Made public." } ], "title": "Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-9632", "datePublished": "2024-10-30T07:42:35.320Z", "dateReserved": "2024-10-08T13:45:31.259Z", "dateUpdated": "2024-12-26T14:22:23.947Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-45769
Vulnerability from cvelistv5
Published
2024-09-19 08:45
Modified
2024-12-26 14:24
Severity ?
EPSS score ?
Summary
A vulnerability was found in Performance Co-Pilot (PCP). This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:6837 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6840 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6842 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6843 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6844 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6846 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6847 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:6848 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:9452 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-45769 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2310452 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-45769", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-19T13:39:40.637961Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-19T13:39:52.390Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://github.com/performancecopilot/pcp", "defaultStatus": "affected", "packageName": "pcp" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.7-22.el8_10", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.0.2-9.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.2.5-8.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.2.5-8.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_tus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.2.5-8.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.5-10.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.5-10.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.5-10.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.7-19.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.2.0-5.el9_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.2.2-7.el9_5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:9.0::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.3.5-10.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "pcp", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:6.0.1-8.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "pcp", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "pcp", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2024-09-17T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A vulnerability was found in Performance Co-Pilot (PCP).\u00a0 This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-787", "description": "Out-of-bounds Write", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-26T14:24:08.142Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:6837", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6837" }, { "name": "RHSA-2024:6840", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6840" }, { "name": "RHSA-2024:6842", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6842" }, { "name": "RHSA-2024:6843", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6843" }, { "name": "RHSA-2024:6844", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6844" }, { "name": "RHSA-2024:6846", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6846" }, { "name": "RHSA-2024:6847", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6847" }, { "name": "RHSA-2024:6848", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:6848" }, { "name": "RHSA-2024:9452", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:9452" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-45769" }, { "name": "RHBZ#2310452", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310452" } ], "timeline": [ { "lang": "en", "time": "2024-09-06T17:07:45.533000+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-09-17T00:00:00+00:00", "value": "Made public." } ], "title": "Pcp: pmcd heap corruption through metric pmstore operations", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-787: Out-of-bounds Write" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-45769", "datePublished": "2024-09-19T08:45:06.247Z", "dateReserved": "2024-09-06T14:56:44.790Z", "dateUpdated": "2024-12-26T14:24:08.142Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-6536
Vulnerability from cvelistv5
Published
2024-02-07 21:05
Modified
2024-11-15 15:13
Severity ?
EPSS score ?
Summary
A flaw was found in the Linux kernel's NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:0723 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0724 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0725 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0881 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:0897 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1248 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:2094 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:3810 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2023-6536 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2254052 | issue-tracking, x_refsource_REDHAT |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Red Hat | Red Hat Enterprise Linux 8 |
Unaffected: 0:4.18.0-513.18.1.rt7.320.el8_9 < * cpe:/a:redhat:enterprise_linux:8::nfv cpe:/a:redhat:enterprise_linux:8::realtime |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2023-6536", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-02-08T14:26:21.002030Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-05T17:22:45.294Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T08:35:13.955Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:0723", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0723" }, { "name": "RHSA-2024:0724", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0724" }, { "name": "RHSA-2024:0725", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0725" }, { "name": "RHSA-2024:0881", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0881" }, { "name": "RHSA-2024:0897", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:0897" }, { "name": "RHSA-2024:1248", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1248" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "name": "RHSA-2024:3810", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:3810" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2023-6536" }, { "name": "RHBZ#2254052", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254052" }, { "tags": [ "x_transferred" ], "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00016.html" }, { "tags": [ "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20240415-0001/" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::nfv", "cpe:/a:redhat:enterprise_linux:8::realtime" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.18.1.rt7.320.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::crb", "cpe:/o:redhat:enterprise_linux:8::baseos" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-513.18.1.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhev_hypervisor:4.4::el8" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.91.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-477.58.1.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.24.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/a:redhat:enterprise_linux:9::realtime", "cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::nfv" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-362.24.1.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:9.2::baseos", "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.52.1.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::realtime", "cpe:/a:redhat:rhel_eus:9.2::nfv" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:5.14.0-284.52.1.rt14.337.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.6::baseos", "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhev_hypervisor:4.4::el8" ], "defaultStatus": "affected", "packageName": "kernel", "product": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:4.18.0-372.91.1.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-22", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/cluster-logging-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-11", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch6-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v6.8.1-407", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-19", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-proxy-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.0.0-479", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/elasticsearch-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-7", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/eventrouter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.4.0-247", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/fluentd-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-5", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/log-file-metric-exporter-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v1.1.0-227", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-curator5-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.1-470", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-loki-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v2.9.6-14", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/logging-view-plugin-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-2", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-operator-bundle", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-24", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/loki-rhel9-operator", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v5.8.6-10", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/lokistack-gateway-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-525", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/opa-openshift-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.1.0-224", "versionType": "rpm" } ] }, { "collectionURL": "https://catalog.redhat.com/software/containers/", "cpes": [ "cpe:/a:redhat:logging:5.8::el9" ], "defaultStatus": "affected", "packageName": "openshift-logging/vector-rhel9", "product": "RHOL-5.8-RHEL-9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "v0.28.1-56", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unaffected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:9" ], "defaultStatus": "affected", "packageName": "kernel-rt", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat" } ], "credits": [ { "lang": "en", "value": "Red Hat would like to thank Alon Zahavi for reporting this issue." } ], "datePublic": "2023-12-11T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in the Linux kernel\u0027s NVMe driver. This issue may allow an unauthenticated malicious actor to send a set of crafted TCP packages when using NVMe over TCP, leading the NVMe driver to a NULL pointer dereference in the NVMe driver, causing kernel panic and a denial of service." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-476", "description": "NULL Pointer Dereference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-15T15:13:38.717Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:0723", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0723" }, { "name": "RHSA-2024:0724", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0724" }, { "name": "RHSA-2024:0725", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0725" }, { "name": "RHSA-2024:0881", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0881" }, { "name": "RHSA-2024:0897", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:0897" }, { "name": "RHSA-2024:1248", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1248" }, { "name": "RHSA-2024:2094", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:2094" }, { "name": "RHSA-2024:3810", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:3810" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2023-6536" }, { "name": "RHBZ#2254052", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2254052" } ], "timeline": [ { "lang": "en", "time": "2023-12-11T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2023-12-11T00:00:00+00:00", "value": "Made public." } ], "title": "Kernel: null pointer dereference in __nvmet_req_complete", "workarounds": [ { "lang": "en", "value": "To mitigate this issue, prevent module nvmet-tcp from being loaded. Please see https://access.redhat.com/solutions/41278 for how to blacklist a kernel module to prevent it from loading automatically." } ], "x_redhatCweChain": "CWE-476: NULL Pointer Dereference" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2023-6536", "datePublished": "2024-02-07T21:05:13.716Z", "dateReserved": "2023-12-05T21:00:40.604Z", "dateUpdated": "2024-11-15T15:13:38.717Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-0914
Vulnerability from cvelistv5
Published
2024-01-31 04:53
Modified
2024-11-24 12:55
Severity ?
EPSS score ?
Summary
A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key.
References
▼ | URL | Tags |
---|---|---|
https://access.redhat.com/errata/RHSA-2024:1239 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1411 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1608 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1856 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/errata/RHSA-2024:1992 | vendor-advisory, x_refsource_REDHAT | |
https://access.redhat.com/security/cve/CVE-2024-0914 | vdb-entry, x_refsource_REDHAT | |
https://bugzilla.redhat.com/show_bug.cgi?id=2260407 | issue-tracking, x_refsource_REDHAT | |
https://people.redhat.com/~hkario/marvin/ |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 3.0.0 ≤ |
||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T18:18:18.984Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "RHSA-2024:1239", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1239" }, { "name": "RHSA-2024:1411", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1411" }, { "name": "RHSA-2024:1608", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1608" }, { "name": "RHSA-2024:1856", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1856" }, { "name": "RHSA-2024:1992", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2024:1992" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/security/cve/CVE-2024-0914" }, { "name": "RHBZ#2260407", "tags": [ "issue-tracking", "x_refsource_REDHAT", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260407" }, { "tags": [ "x_transferred" ], "url": "https://people.redhat.com/~hkario/marvin/" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2024-0914", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-08-23T18:54:25.749075Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-23T18:55:32.813Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "collectionURL": "https://github.com/opencryptoki/opencryptoki", "defaultStatus": "unaffected", "packageName": "opencryptoki", "versions": [ { "lessThan": "3.23.0", "status": "affected", "version": "3.0.0", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:8::baseos", "cpe:/a:redhat:enterprise_linux:8::crb" ], "defaultStatus": "affected", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.21.0-10.el8_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.6::crb", "cpe:/o:redhat:rhel_eus:8.6::baseos" ], "defaultStatus": "affected", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.17.0-6.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_eus:8.8::baseos", "cpe:/a:redhat:rhel_eus:8.8::crb" ], "defaultStatus": "affected", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.19.0-3.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::crb", "cpe:/o:redhat:enterprise_linux:9::baseos" ], "defaultStatus": "affected", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.21.0-9.el9_3", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::crb", "cpe:/o:redhat:rhel_eus:9.2::baseos" ], "defaultStatus": "affected", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:3.19.0-3.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:6" ], "defaultStatus": "unknown", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 6", "vendor": "Red Hat" }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:enterprise_linux:7" ], "defaultStatus": "unknown", "packageName": "opencryptoki", "product": "Red Hat Enterprise Linux 7", "vendor": "Red Hat" } ], "datePublic": "2024-01-25T00:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key." } ], "metrics": [ { "other": { "content": { "namespace": "https://access.redhat.com/security/updates/classification/", "value": "Moderate" }, "type": "Red Hat severity rating" } }, { "cvssV3_1": { "attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" }, "format": "CVSS" } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-203", "description": "Observable Discrepancy", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-24T12:55:42.882Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "name": "RHSA-2024:1239", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1239" }, { "name": "RHSA-2024:1411", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1411" }, { "name": "RHSA-2024:1608", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1608" }, { "name": "RHSA-2024:1856", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1856" }, { "name": "RHSA-2024:1992", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2024:1992" }, { "tags": [ "vdb-entry", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/security/cve/CVE-2024-0914" }, { "name": "RHBZ#2260407", "tags": [ "issue-tracking", "x_refsource_REDHAT" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260407" }, { "url": "https://people.redhat.com/~hkario/marvin/" } ], "timeline": [ { "lang": "en", "time": "2024-01-25T00:00:00+00:00", "value": "Reported to Red Hat." }, { "lang": "en", "time": "2024-01-25T00:00:00+00:00", "value": "Made public." } ], "title": "Opencryptoki: timing side-channel in handling of rsa pkcs#1 v1.5 padded ciphertexts (marvin)", "workarounds": [ { "lang": "en", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." } ], "x_redhatCweChain": "CWE-385-\u003eCWE-208-\u003eCWE-203: Covert Timing Channel leads to Observable Timing Discrepancy leads to Observable Discrepancy" } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2024-0914", "datePublished": "2024-01-31T04:53:28.508Z", "dateReserved": "2024-01-25T22:28:25.811Z", "dateUpdated": "2024-11-24T12:55:42.882Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-9050
Vulnerability from cvelistv5
Published
2024-10-22 12:14
Modified
2024-12-18 16:14
Severity ?
EPSS score ?
Summary
A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration.
References
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ |
Version: 0 ≤ |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-9050", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-22T13:03:43.771304Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-noinfo Not enough information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-22T13:08:22.196Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-10-25T03:09:04.241Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "url": "http://www.openwall.com/lists/oss-security/2024/10/25/1" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "collectionURL": "https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/", "defaultStatus": "unaffected", "packageName": "NetworkManager-libreswan", "versions": [ { "lessThan": "1.2.24", "status": "affected", "version": "0", "versionType": "semver" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_aus:7.7::server" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.4-4.el7_7", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/o:redhat:rhel_els:7" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.4-4.el7_9", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:8::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-7.el8_10", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.2::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.4::appstream", "cpe:/a:redhat:rhel_e4s:8.4::appstream", "cpe:/a:redhat:rhel_tus:8.4::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_4", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_6", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:8.8::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.10-6.el8_8", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:enterprise_linux:9::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 9", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.22-4.el9_5", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_e4s:9.0::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.14-3.el9_0", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.2::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 9.2 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.14-6.el9_2", "versionType": "rpm" } ] }, { "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "cpes": [ "cpe:/a:redhat:rhel_eus:9.4::appstream" ], "defaultStatus": "affected", "packageName": "NetworkManager-libreswan", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "vendor": "Red Hat", "versions": [ { "lessThan": "*", "status": "unaffected", "version": "0:1.2.18-6.el9_4", "versionType": "rpm" } ] } ], "datePublic": "2024-10-22T12:00:00+00:00", "descriptions": [ { "lang": "en", "value": "A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan t