cvelistv5 - cve-2024-0901

CVE-2024-0901 (GCVE-0-2024-0901)

Vulnerability from cvelistv5 – Published: 2024-03-25 22:37 – Updated: 2024-08-01 18:39

Summary

Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H

CWE

CWE-129 - Improper Validation of Array Index

Assigner

wolfSSL

References

URL

Tags

	https://github.com/wolfSSL/wolfssl/issues/7089
	https://github.com/wolfSSL/wolfssl/pull/7099

Impacted products

	Vendor	Product	Version
	wolfSSL	wolfSSL	Affected: 3.12.2 , ≤ 5.6.6 (release bundle)

Credits

Jiamin Yu

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:18:19.076Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wolfssl",
            "vendor": "wolfssl",
            "versions": [
              {
                "lessThanOrEqual": "5.6.6",
                "status": "affected",
                "version": "3.12.2",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-0901",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T18:38:31.765222Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:39:44.207Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "wolfSSL",
          "repo": "https://github.com/wolfSSL/wolfssl",
          "vendor": "wolfSSL",
          "versions": [
            {
              "lessThanOrEqual": "5.6.6",
              "status": "affected",
              "version": "3.12.2",
              "versionType": "release bundle"
            }
          ]
        }
      ],
      "configurations": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAffects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Affects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client.\u00a0If using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used.\n"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Jiamin Yu"
        }
      ],
      "datePublic": "2024-03-20T23:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\u003cbr\u003e"
            }
          ],
          "value": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\n"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-123",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-123 Buffer Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-129",
              "description": "CWE-129 Improper Validation of Array Index",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-25T22:37:56.581Z",
        "orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
        "shortName": "wolfSSL"
      },
      "references": [
        {
          "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
        },
        {
          "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update wolfSSL to 5.7.0 or apply the fix located in:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/wolfSSL/wolfssl/pull/7099\"\u003ehttps://github.com/wolfSSL/wolfssl/pull/7099\u003c/a\u003e.\u003cbr\u003e"
            }
          ],
          "value": "Update wolfSSL to 5.7.0 or apply the fix located in:\u00a0 https://github.com/wolfSSL/wolfssl/pull/7099 .\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "SEGV and out of bounds memory read from malicious packet",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
    "assignerShortName": "wolfSSL",
    "cveId": "CVE-2024-0901",
    "datePublished": "2024-03-25T22:37:56.581Z",
    "dateReserved": "2024-01-25T19:15:43.102Z",
    "dateUpdated": "2024-08-01T18:39:44.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\\n\"}, {\"lang\": \"es\", \"value\": \"SEGV ejecutado de forma remota y lectura fuera de los l\\u00edmites permite que el remitente de paquetes maliciosos falle o provoque una lectura fuera de los l\\u00edmites mediante el env\\u00edo de un paquete con formato incorrecto y con la longitud correcta.\"}]",
      "id": "CVE-2024-0901",
      "lastModified": "2024-11-21T08:47:39.493",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"facts@wolfssl.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H\", \"baseScore\": 7.5, \"baseSeverity\": \"HIGH\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.2, \"impactScore\": 4.7}]}",
      "published": "2024-03-25T23:15:51.250",
      "references": "[{\"url\": \"https://github.com/wolfSSL/wolfssl/issues/7089\", \"source\": \"facts@wolfssl.com\"}, {\"url\": \"https://github.com/wolfSSL/wolfssl/pull/7099\", \"source\": \"facts@wolfssl.com\"}, {\"url\": \"https://github.com/wolfSSL/wolfssl/issues/7089\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://github.com/wolfSSL/wolfssl/pull/7099\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "facts@wolfssl.com",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"facts@wolfssl.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-129\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-0901\",\"sourceIdentifier\":\"facts@wolfssl.com\",\"published\":\"2024-03-25T23:15:51.250\",\"lastModified\":\"2024-11-21T08:47:39.493\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\\n\"},{\"lang\":\"es\",\"value\":\"SEGV ejecutado de forma remota y lectura fuera de los l\u00edmites permite que el remitente de paquetes maliciosos falle o provoque una lectura fuera de los l\u00edmites mediante el env\u00edo de un paquete con formato incorrecto y con la longitud correcta.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"facts@wolfssl.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":4.7}]},\"weaknesses\":[{\"source\":\"facts@wolfssl.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-129\"}]}],\"references\":[{\"url\":\"https://github.com/wolfSSL/wolfssl/issues/7089\",\"source\":\"facts@wolfssl.com\"},{\"url\":\"https://github.com/wolfSSL/wolfssl/pull/7099\",\"source\":\"facts@wolfssl.com\"},{\"url\":\"https://github.com/wolfSSL/wolfssl/issues/7089\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/wolfSSL/wolfssl/pull/7099\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/wolfSSL/wolfssl/issues/7089\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/wolfSSL/wolfssl/pull/7099\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:18:19.076Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-0901\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-01T18:38:31.765222Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*\"], \"vendor\": \"wolfssl\", \"product\": \"wolfssl\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.12.2\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5.6.6\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-01T18:39:37.698Z\"}}], \"cna\": {\"title\": \"SEGV and out of bounds memory read from malicious packet\", \"source\": {\"discovery\": \"EXTERNAL\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"finder\", \"user\": \"00000000-0000-4000-9000-000000000000\", \"value\": \"Jiamin Yu\"}], \"impacts\": [{\"capecId\": \"CAPEC-123\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-123 Buffer Manipulation\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"repo\": \"https://github.com/wolfSSL/wolfssl\", \"vendor\": \"wolfSSL\", \"product\": \"wolfSSL\", \"versions\": [{\"status\": \"affected\", \"version\": \"3.12.2\", \"versionType\": \"release bundle\", \"lessThanOrEqual\": \"5.6.6\"}], \"defaultStatus\": \"unaffected\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"Update wolfSSL to 5.7.0 or apply the fix located in:\\u00a0 https://github.com/wolfSSL/wolfssl/pull/7099 .\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Update wolfSSL to 5.7.0 or apply the fix located in:\u0026nbsp;\u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://github.com/wolfSSL/wolfssl/pull/7099\\\"\u003ehttps://github.com/wolfSSL/wolfssl/pull/7099\u003c/a\u003e.\u003cbr\u003e\", \"base64\": false}]}], \"datePublic\": \"2024-03-20T23:00:00.000Z\", \"references\": [{\"url\": \"https://github.com/wolfSSL/wolfssl/issues/7089\"}, {\"url\": \"https://github.com/wolfSSL/wolfssl/pull/7099\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-129\", \"description\": \"CWE-129 Improper Validation of Array Index\"}]}], \"configurations\": [{\"lang\": \"en\", \"value\": \"Affects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client.\\u00a0If using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used.\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eAffects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client.\u0026nbsp;\u003cspan style=\\\"background-color: rgb(255, 255, 255);\\\"\u003eIf using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e\", \"base64\": false}]}], \"providerMetadata\": {\"orgId\": \"50d2cd11-d01a-48ed-9441-5bfce9d63b27\", \"shortName\": \"wolfSSL\", \"dateUpdated\": \"2024-03-25T22:37:56.581Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-0901\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T18:39:44.207Z\", \"dateReserved\": \"2024-01-25T19:15:43.102Z\", \"assignerOrgId\": \"50d2cd11-d01a-48ed-9441-5bfce9d63b27\", \"datePublished\": \"2024-03-25T22:37:56.581Z\", \"assignerShortName\": \"wolfSSL\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

MSRC_CVE-2024-0901

Vulnerability from csaf_microsoft - Published: 2024-03-02 08:00 - Updated: 2024-12-12 00:00

Summary

SEGV and out of bounds memory read from malicious packet

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-0901 SEGV and out of bounds memory read from malicious packet - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0901.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "SEGV and out of bounds memory read from malicious packet",
    "tracking": {
      "current_release_date": "2024-12-12T00:00:00.000Z",
      "generator": {
        "date": "2025-10-20T01:08:04.801Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-0901",
      "initial_release_date": "2024-03-02T08:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-06-30T07:00:00.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        },
        {
          "date": "2024-12-12T00:00:00.000Z",
          "legacy_version": "1.1",
          "number": "2",
          "summary": "Added mariadb to CBL-Mariner 2.0\nAdded mariadb to Azure Linux 3.0"
        }
      ],
      "status": "final",
      "version": "2"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 mariadb 10.11.6-3",
                "product": {
                  "name": "\u003cazl3 mariadb 10.11.6-3",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 mariadb 10.11.6-3",
                "product": {
                  "name": "azl3 mariadb 10.11.6-3",
                  "product_id": "17774"
                }
              }
            ],
            "category": "product_name",
            "name": "mariadb"
          },
          {
            "category": "product_name",
            "name": "cbl2 mariadb 10.6.9-6",
            "product": {
              "name": "cbl2 mariadb 10.6.9-6",
              "product_id": "1"
            }
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 mariadb 10.11.6-3 as a component of Azure Linux 3.0",
          "product_id": "17084-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 mariadb 10.11.6-3 as a component of Azure Linux 3.0",
          "product_id": "17774-17084"
        },
        "product_reference": "17774",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 mariadb 10.6.9-6 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-0901",
      "cwe": {
        "id": "CWE-129",
        "name": "Improper Validation of Array Index"
      },
      "flags": [
        {
          "label": "vulnerable_code_not_present",
          "product_ids": [
            "17086-1"
          ]
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "wolfSSL",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "17774-17084"
        ],
        "known_affected": [
          "17084-2"
        ],
        "known_not_affected": [
          "17086-1"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-0901 SEGV and out of bounds memory read from malicious packet - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-0901.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-06-30T07:00:00.000Z",
          "details": "10.11.6-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-2"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 7.5,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "17084-2"
          ]
        }
      ],
      "title": "SEGV and out of bounds memory read from malicious packet"
    }
  ]
}

FKIE_CVE-2024-0901

Vulnerability from fkie_nvd - Published: 2024-03-25 23:15 - Updated: 2024-11-21 08:47

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H

Summary

Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.

References

	URL	Tags
	facts@wolfssl.com	https://github.com/wolfSSL/wolfssl/issues/7089
	facts@wolfssl.com	https://github.com/wolfSSL/wolfssl/pull/7099
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/wolfSSL/wolfssl/issues/7089
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/wolfSSL/wolfssl/pull/7099

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\n"
    },
    {
      "lang": "es",
      "value": "SEGV ejecutado de forma remota y lectura fuera de los l\u00edmites permite que el remitente de paquetes maliciosos falle o provoque una lectura fuera de los l\u00edmites mediante el env\u00edo de un paquete con formato incorrecto y con la longitud correcta."
    }
  ],
  "id": "CVE-2024-0901",
  "lastModified": "2024-11-21T08:47:39.493",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 7.5,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 4.7,
        "source": "facts@wolfssl.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-03-25T23:15:51.250",
  "references": [
    {
      "source": "facts@wolfssl.com",
      "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
    },
    {
      "source": "facts@wolfssl.com",
      "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
    }
  ],
  "sourceIdentifier": "facts@wolfssl.com",
  "vulnStatus": "Undergoing Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-129"
        }
      ],
      "source": "facts@wolfssl.com",
      "type": "Secondary"
    }
  ]
}

CNVD-2024-37451

Vulnerability from cnvd - Published: 2024-09-05

Title

wolfSSL数组索引验证错误漏洞

Description

wolfSSL（CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL 5.6.3版本存在数组索引验证错误漏洞，该漏洞源于未对输入的错误消息做正确的处理，攻击者可利用该漏洞通过发送格式错误的数据包来导致系统崩溃或越界读取。

Severity

中

Patch Name

wolfSSL数组索引验证错误漏洞的补丁

Patch Description

wolfSSL（CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。 wolfSSL 5.6.3版本存在数组索引验证错误漏洞，该漏洞源于未对输入的错误消息做正确的处理，攻击者可利用该漏洞通过发送格式错误的数据包来导致系统崩溃或越界读取。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description

厂商已发布了漏洞修复程序，请及时关注更新： https://github.com/wolfSSL/wolfssl/pull/7099

Reference

https://github.com/wolfSSL/wolfssl/issues/7089

Impacted products

Name
wolfSSL Inc. WolfSSL 5.6.3

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2024-0901",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2024-0901"
    }
  },
  "description": "wolfSSL\uff08CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\n\nwolfSSL 5.6.3\u7248\u672c\u5b58\u5728\u6570\u7ec4\u7d22\u5f15\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5bf9\u8f93\u5165\u7684\u9519\u8bef\u6d88\u606f\u505a\u6b63\u786e\u7684\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u683c\u5f0f\u9519\u8bef\u7684\u6570\u636e\u5305\u6765\u5bfc\u81f4\u7cfb\u7edf\u5d29\u6e83\u6216\u8d8a\u754c\u8bfb\u53d6\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://github.com/wolfSSL/wolfssl/pull/7099",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-37451",
  "openTime": "2024-09-05",
  "patchDescription": "wolfSSL\uff08CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\r\n\r\nwolfSSL 5.6.3\u7248\u672c\u5b58\u5728\u6570\u7ec4\u7d22\u5f15\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5bf9\u8f93\u5165\u7684\u9519\u8bef\u6d88\u606f\u505a\u6b63\u786e\u7684\u5904\u7406\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u901a\u8fc7\u53d1\u9001\u683c\u5f0f\u9519\u8bef\u7684\u6570\u636e\u5305\u6765\u5bfc\u81f4\u7cfb\u7edf\u5d29\u6e83\u6216\u8d8a\u754c\u8bfb\u53d6\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "wolfSSL\u6570\u7ec4\u7d22\u5f15\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "wolfSSL Inc. WolfSSL 5.6.3"
  },
  "referenceLink": "https://github.com/wolfSSL/wolfssl/issues/7089",
  "serverity": "\u4e2d",
  "submitTime": "2024-03-27",
  "title": "wolfSSL\u6570\u7ec4\u7d22\u5f15\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

GHSA-QRV4-68MG-FV43

Vulnerability from github – Published: 2024-03-26 00:32 – Updated: 2024-03-26 00:32

Details

Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.

Severity ?

7.5 (High)


                  
                    CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-0901"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-129"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-03-25T23:15:51Z",
    "severity": "HIGH"
  },
  "details": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\n",
  "id": "GHSA-qrv4-68mg-fv43",
  "modified": "2024-03-26T00:32:02Z",
  "published": "2024-03-26T00:32:02Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0901"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
    },
    {
      "type": "WEB",
      "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2024-0901

Vulnerability from gsd - Updated: 2024-01-26 06:02

Details

Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.

Aliases

CVE-2024-0901

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-0901"
      ],
      "details": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\n",
      "id": "GSD-2024-0901",
      "modified": "2024-01-26T06:02:23.667891Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "facts@wolfssl.com",
        "ID": "CVE-2024-0901",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "wolfSSL",
                    "version": {
                      "version_data": [
                        {
                          "version_affected": "\u003c=",
                          "version_name": "3.12.2",
                          "version_value": "5.6.6"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "wolfSSL"
            }
          ]
        }
      },
      "configuration": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eAffects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eIf using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "Affects TLS 1.3 on the server side when accepting a connection from a malicious TLS 1.3 client.\u00a0If using TLS 1.3 on the server side it is recommended to update the version of wolfSSL used.\n"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Jiamin Yu"
        }
      ],
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\n"
          }
        ]
      },
      "generator": {
        "engine": "Vulnogram 0.1.0-dev"
      },
      "impact": {
        "cvss": [
          {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
            "version": "3.1"
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "cweId": "CWE-129",
                "lang": "eng",
                "value": "CWE-129 Improper Validation of Array Index"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/wolfSSL/wolfssl/issues/7089",
            "refsource": "MISC",
            "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
          },
          {
            "name": "https://github.com/wolfSSL/wolfssl/pull/7099",
            "refsource": "MISC",
            "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
          }
        ]
      },
      "solution": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Update wolfSSL to 5.7.0 or apply the fix located in:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/wolfSSL/wolfssl/pull/7099\"\u003ehttps://github.com/wolfSSL/wolfssl/pull/7099\u003c/a\u003e.\u003cbr\u003e"
            }
          ],
          "value": "Update wolfSSL to 5.7.0 or apply the fix located in:\u00a0 https://github.com/wolfSSL/wolfssl/pull/7099 .\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "Remotely executed SEGV and out of bounds read allows malicious packet sender to crash or cause an out of bounds read via sending a malformed packet with the correct length.\n"
          },
          {
            "lang": "es",
            "value": "SEGV ejecutado de forma remota y lectura fuera de los l\u00edmites permite que el remitente de paquetes maliciosos falle o provoque una lectura fuera de los l\u00edmites mediante el env\u00edo de un paquete con formato incorrecto y con la longitud correcta."
          }
        ],
        "id": "CVE-2024-0901",
        "lastModified": "2024-03-26T12:55:05.010",
        "metrics": {
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 7.5,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "NONE",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 2.2,
              "impactScore": 4.7,
              "source": "facts@wolfssl.com",
              "type": "Secondary"
            }
          ]
        },
        "published": "2024-03-25T23:15:51.250",
        "references": [
          {
            "source": "facts@wolfssl.com",
            "url": "https://github.com/wolfSSL/wolfssl/issues/7089"
          },
          {
            "source": "facts@wolfssl.com",
            "url": "https://github.com/wolfSSL/wolfssl/pull/7099"
          }
        ],
        "sourceIdentifier": "facts@wolfssl.com",
        "vulnStatus": "Awaiting Analysis",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-129"
              }
            ],
            "source": "facts@wolfssl.com",
            "type": "Secondary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-0901 (GCVE-0-2024-0901)

MSRC_CVE-2024-0901

FKIE_CVE-2024-0901

CNVD-2024-37451

GHSA-QRV4-68MG-FV43

GSD-2024-0901

Tags

Sightings

Nomenclature