cvelistv5 - cve-2024-1488

CVE-2024-1488 (GCVE-0-2024-1488)

Vulnerability from cvelistv5 – Published: 2024-02-15 05:04 – Updated: 2025-11-11 15:29

Summary

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.

Severity ?

8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

CWE

CWE-276 - Incorrect Default Permissions

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:1750	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1751	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1780	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1801	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1802	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:1804	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2587	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:2696	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:0837	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-1488	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2264183	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 1.16.2

Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.16.2-5.el8_9.6 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.16.2-5.8.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Telecommunications Update Service	Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions	Unaffected: 0:1.7.3-12.el8_2.1 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.2::appstream cpe:/a:redhat:rhel_aus:8.2::appstream cpe:/a:redhat:rhel_tus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Telecommunications Update Service	Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions	Unaffected: 0:1.7.3-15.el8_4.1 , < * (rpm) cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_e4s:8.4::appstream cpe:/a:redhat:rhel_tus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support	Unaffected: 0:1.7.3-17.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_eus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support	Unaffected: 0:1.16.2-5.el8_8.4 , < * (rpm) cpe:/a:redhat:rhel_eus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.16.2-3.el9_3.5 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Extended Update Support	Unaffected: 0:1.13.1-13.el9_0.4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:1.16.2-3.el9_2.4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/a:redhat:rhel_eus:9.2::crb
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7

Show details on NVD website

Vendor	Product	Description
Juniper Networks	Junos OS	Junos OS versions 22.4.x antérieures à 22.4R3-S5
Juniper Networks	Junos Space	Junos Space versions antérieures à 24.1R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions antérieures à 21.2R3-S9-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.4.x-EVO antérieures à 23.4R2-S3-EVO
Juniper Networks	Junos OS	Junos OS versions 24.2.x antérieures à 24.2R1-S2 et 24.2R2
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 23.2.x-EVO antérieures à 23.2R2-S3-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 21.4.x-EVO antérieures à 21.4R3-S10-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.4.x-EVO antérieures à 22.4R3-S5-EVO
Juniper Networks	Junos OS	Junos OS versions 22.2.x antérieures à 22.2R3-S5
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.3.x-EVO antérieures à 22.3R3-S4-EVO
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 24.2.x-EVO antérieures à 24.2R1-S2-EVO et 24.2R2-EVO
Juniper Networks	Junos OS	Junos OS versions 22.3.x antérieures à 22.3R3-S4
Juniper Networks	Junos OS	Junos OS versions 23.4.x antérieures à 23.4R2-S3
Juniper Networks	Junos OS	Junos OS versions 21.4.x antérieures à 21.4R3-S10
Juniper Networks	Junos OS	Junos OS versions 23.2.x antérieures à 23.2R2-S3
Juniper Networks	Junos OS	Junos OS versions antérieures à 21.2R3-S9
Juniper Networks	Junos OS Evolved	Junos OS Evolved versions 22.2.x-EVO antérieures à 22.2R3-S5-EVO

Vendor	Product	Description
IBM	Sterling Connect:Direct	IBM Sterling Connect:Direct Web Services (Certified Container) toutes versions sans le dernier correctif de sécurité
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.23
IBM	N/A	AIX et VIOS sans le dernier correctif de sécurité
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions antérieures à 6.1.0.24
IBM	QRadar	SOAR QRadar Plugin App versions antérieures à 5.4.0
IBM	Sterling Connect:Direct	Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.7
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF02

Vendor	Product	Description
IBM	QRadar SIEM	QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP11 IF01
IBM	Controller	Controller versions 11.1.0.x antérieures à 11.1.0.1
IBM	MaaS360	MaaS360 Base, Configuration Utility versions antérieures à 3.001.100
IBM	MaaS360	MaaS360 Mobile Enterprise Gateway versions antérieures à 3.001.100
IBM	Cognos Controller	Cognos Controller versions 11.x antérieures à 11.0.1 FP4

URL	Tags
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:1750	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:1751	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:1780	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:1801	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:1802	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:1804	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:2587	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2024:2696	Third Party Advisory
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:0837
secalert@redhat.com	https://access.redhat.com/security/cve/CVE-2024-1488	Third Party Advisory
secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=2264183	Issue Tracking, Patch
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:1750	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:1751	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:1780	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:1801	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:1802	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:1804	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:2587	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/errata/RHSA-2024:2696	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://access.redhat.com/security/cve/CVE-2024-1488	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=2264183	Issue Tracking, Patch

Vendor	Product	Version
fedoraproject	unbound	*
redhat	codeready_linux_builder	9.0
redhat	codeready_linux_builder_eus	9.2
redhat	codeready_linux_builder_eus	9.4
redhat	codeready_linux_builder_eus_for_power_little_endian	9.0_ppc64le
redhat	codeready_linux_builder_eus_for_power_little_endian	9.2_ppc64le
redhat	codeready_linux_builder_for_arm64	9.0_aarch64
redhat	codeready_linux_builder_for_arm64	9.2_aarch64
redhat	codeready_linux_builder_for_arm64_eus	9.4_aarch64
redhat	codeready_linux_builder_for_ibm_z_systems	9.0_s390x
redhat	codeready_linux_builder_for_ibm_z_systems	9.2_s390x
redhat	codeready_linux_builder_for_ibm_z_systems_eus	9.4_s390x
redhat	enterprise_linux	8.0
redhat	enterprise_linux	9.0
redhat	enterprise_linux_eus	8.6
redhat	enterprise_linux_eus	8.8
redhat	enterprise_linux_eus	9.2
redhat	enterprise_linux_eus	9.4
redhat	enterprise_linux_for_arm_64	8.0_aarch64
redhat	enterprise_linux_for_arm_64	9.0_aarch64
redhat	enterprise_linux_for_arm_64	9.2_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.6_aarch64
redhat	enterprise_linux_for_arm_64_eus	8.8_aarch64
redhat	enterprise_linux_for_arm_64_eus	9.4_aarch64
redhat	enterprise_linux_for_ibm_z_systems	8.0_s390x
redhat	enterprise_linux_for_ibm_z_systems	9.0_s390x
redhat	enterprise_linux_for_ibm_z_systems	9.2_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.6_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	8.8_s390x
redhat	enterprise_linux_for_ibm_z_systems_eus	9.4_s390x
redhat	enterprise_linux_for_power_little_endian	8.0_ppc64le
redhat	enterprise_linux_for_power_little_endian	9.0_ppc64le
redhat	enterprise_linux_for_power_little_endian	9.2_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.6_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	8.8_ppc64le
redhat	enterprise_linux_for_power_little_endian_eus	9.4_ppc64le
redhat	enterprise_linux_server_aus	8.2
redhat	enterprise_linux_server_aus	8.4
redhat	enterprise_linux_server_aus	8.6
redhat	enterprise_linux_server_aus	9.2
redhat	enterprise_linux_server_aus	9.4
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.2_ppc64le
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.4_ppc64le
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.6_ppc64le
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	8.8_ppc64le
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.2_ppc64le
redhat	enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions	9.4_ppc64le
redhat	enterprise_linux_server_tus	8.2
redhat	enterprise_linux_server_tus	8.4
redhat	enterprise_linux_server_tus	8.6
redhat	enterprise_linux_server_tus	8.8

Action not permitted

CVE-2024-1488 (GCVE-0-2024-1488)

Solutions

Solution

Solution

Solutions

Solutions

Solutions

Solutions

Solutions

Solutions

Solutions

Tags

Sightings

Nomenclature