cvelistv5 - cve-2024-1930

CVE-2024-1930 (GCVE-0-2024-1930)

Vulnerability from cvelistv5 – Published: 2024-05-08 01:52 – Updated: 2024-08-01 18:56

Summary

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method. For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.

Severity ?

6.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

fedora

References

URL

Tags

https://www.openwall.com/lists/oss-security/2024/…

Impacted products

	Vendor	Product	Version
	Fedora	dnf5daemon-server	Affected: 5.1.16<=

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:fedora:dnf5daemon-server:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "dnf5daemon-server",
            "vendor": "fedora",
            "versions": [
              {
                "lessThan": "5.1.17",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1930",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-08T14:47:09.395902Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-06T13:19:28.577Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:56:22.475Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "dnf5daemon-server",
          "vendor": "Fedora",
          "versions": [
            {
              "status": "affected",
              "version": "5.1.16\u003c="
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u0026nbsp;No Limit on Number of Open Sessions.\u003cbr\u003e\u003cbr\u003eThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u0026nbsp;For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\u003cbr\u003e\u003cbr\u003e"
            }
          ],
          "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\n\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\n\n"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400 Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-05-08T01:52:54.938Z",
        "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
        "shortName": "fedora"
      },
      "references": [
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "No Limit on Number of Open Sessions / Bad Session Close Behaviour",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
    "assignerShortName": "fedora",
    "cveId": "CVE-2024-1930",
    "datePublished": "2024-05-08T01:52:54.938Z",
    "dateReserved": "2024-02-27T12:44:59.949Z",
    "dateUpdated": "2024-08-01T18:56:22.475Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "descriptions": "[{\"lang\": \"en\", \"value\": \"No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\\u00a0No Limit on Number of Open Sessions.\\n\\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\\n\\n\"}, {\"lang\": \"es\", \"value\": \"Sin l\\u00edmite en el n\\u00famero de sesiones abiertas / mal comportamiento de cierre de sesi\\u00f3n en dnf5daemon-server anterior a 5.1.17 permite que un usuario malintencionado afecte la disponibilidad mediante Sin l\\u00edmite en el n\\u00famero de sesiones abiertas. No hay l\\u00edmite en la cantidad de sesiones que los clientes D-Bus pueden crear usando el m\\u00e9todo D-Bus `open_session()`. Para cada sesi\\u00f3n se crea un hilo en dnf5daemon-server. Esto gasta un par de cientos de megabytes de memoria en el proceso. Ser\\u00e1 imposible realizar m\\u00e1s conexiones, probablemente porque el servicio D-Bus no puede generar m\\u00e1s subprocesos.\"}]",
      "id": "CVE-2024-1930",
      "lastModified": "2024-11-21T08:51:37.427",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"patrick@puiterwijk.org\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\", \"baseScore\": 6.5, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 2.0, \"impactScore\": 4.0}]}",
      "published": "2024-05-08T02:15:09.503",
      "references": "[{\"url\": \"https://www.openwall.com/lists/oss-security/2024/03/04/2\", \"source\": \"patrick@puiterwijk.org\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2024/03/04/2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "patrick@puiterwijk.org",
      "vulnStatus": "Awaiting Analysis",
      "weaknesses": "[{\"source\": \"patrick@puiterwijk.org\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-400\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-1930\",\"sourceIdentifier\":\"patrick@puiterwijk.org\",\"published\":\"2024-05-08T02:15:09.503\",\"lastModified\":\"2025-08-07T17:21:11.740\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\\n\\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\\n\\n\"},{\"lang\":\"es\",\"value\":\"Sin l\u00edmite en el n\u00famero de sesiones abiertas / mal comportamiento de cierre de sesi\u00f3n en dnf5daemon-server anterior a 5.1.17 permite que un usuario malintencionado afecte la disponibilidad mediante Sin l\u00edmite en el n\u00famero de sesiones abiertas. No hay l\u00edmite en la cantidad de sesiones que los clientes D-Bus pueden crear usando el m\u00e9todo D-Bus `open_session()`. Para cada sesi\u00f3n se crea un hilo en dnf5daemon-server. Esto gasta un par de cientos de megabytes de memoria en el proceso. Ser\u00e1 imposible realizar m\u00e1s conexiones, probablemente porque el servicio D-Bus no puede generar m\u00e1s subprocesos.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"patrick@puiterwijk.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\",\"baseScore\":6.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.0,\"impactScore\":4.0}]},\"weaknesses\":[{\"source\":\"patrick@puiterwijk.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-400\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:rpm-software-management:dnf5:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.1.17\",\"matchCriteriaId\":\"011EF61C-CD6B-48B4-8E4B-EC5E3C9841AB\"}]}]}],\"references\":[{\"url\":\"https://www.openwall.com/lists/oss-security/2024/03/04/2\",\"source\":\"patrick@puiterwijk.org\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2024/03/04/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Mailing List\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.openwall.com/lists/oss-security/2024/03/04/2\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-01T18:56:22.475Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-1930\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-08T14:47:09.395902Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:fedora:dnf5daemon-server:*:*:*:*:*:*:*:*\"], \"vendor\": \"fedora\", \"product\": \"dnf5daemon-server\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"5.1.17\", \"versionType\": \"custom\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-08T14:54:52.778Z\"}}], \"cna\": {\"title\": \"No Limit on Number of Open Sessions / Bad Session Close Behaviour\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 6.5, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Fedora\", \"product\": \"dnf5daemon-server\", \"versions\": [{\"status\": \"affected\", \"version\": \"5.1.16\u003c=\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.openwall.com/lists/oss-security/2024/03/04/2\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\\u00a0No Limit on Number of Open Sessions.\\n\\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\\n\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u0026nbsp;No Limit on Number of Open Sessions.\u003cbr\u003e\u003cbr\u003eThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u0026nbsp;For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\u003cbr\u003e\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-400\", \"description\": \"CWE-400 Uncontrolled Resource Consumption\"}]}], \"providerMetadata\": {\"orgId\": \"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5\", \"shortName\": \"fedora\", \"dateUpdated\": \"2024-05-08T01:52:54.938Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-1930\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-01T18:56:22.475Z\", \"dateReserved\": \"2024-02-27T12:44:59.949Z\", \"assignerOrgId\": \"92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5\", \"datePublished\": \"2024-05-08T01:52:54.938Z\", \"assignerShortName\": \"fedora\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

MSRC_CVE-2024-1930

Vulnerability from csaf_microsoft - Published: 2024-05-02 07:00 - Updated: 2025-09-03 19:32

Summary

No Limit on Number of Open Sessions / Bad Session Close Behaviour

Notes

Additional Resources

To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle

Disclaimer

The information provided in the Microsoft Knowledge Base is provided \"as is\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.

JSON

To clipboard

{
  "document": {
    "category": "csaf_vex",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Public",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "general",
        "text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
        "title": "Additional Resources"
      },
      {
        "category": "legal_disclaimer",
        "text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
        "title": "Disclaimer"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "secure@microsoft.com",
      "name": "Microsoft Security Response Center",
      "namespace": "https://msrc.microsoft.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour - VEX",
        "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-1930.json"
      },
      {
        "category": "external",
        "summary": "Microsoft Support Lifecycle",
        "url": "https://support.microsoft.com/lifecycle"
      },
      {
        "category": "external",
        "summary": "Common Vulnerability Scoring System",
        "url": "https://www.first.org/cvss"
      }
    ],
    "title": "No Limit on Number of Open Sessions / Bad Session Close Behaviour",
    "tracking": {
      "current_release_date": "2025-09-03T19:32:32.000Z",
      "generator": {
        "date": "2025-10-20T01:36:29.114Z",
        "engine": {
          "name": "MSRC Generator",
          "version": "1.0"
        }
      },
      "id": "msrc_CVE-2024-1930",
      "initial_release_date": "2024-05-02T07:00:00.000Z",
      "revision_history": [
        {
          "date": "2025-09-03T19:32:32.000Z",
          "legacy_version": "1",
          "number": "1",
          "summary": "Information published."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "3.0",
                "product": {
                  "name": "Azure Linux 3.0",
                  "product_id": "17084"
                }
              },
              {
                "category": "product_version",
                "name": "2.0",
                "product": {
                  "name": "CBL Mariner 2.0",
                  "product_id": "17086"
                }
              }
            ],
            "category": "product_name",
            "name": "Azure Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003cazl3 dnf5 5.1.11-2",
                "product": {
                  "name": "\u003cazl3 dnf5 5.1.11-2",
                  "product_id": "4"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 dnf5 5.1.11-2",
                "product": {
                  "name": "azl3 dnf5 5.1.11-2",
                  "product_id": "17747"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 dnf5 5.0.14-3",
                "product": {
                  "name": "\u003ccbl2 dnf5 5.0.14-3",
                  "product_id": "1"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 dnf5 5.0.14-3",
                "product": {
                  "name": "cbl2 dnf5 5.0.14-3",
                  "product_id": "20399"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003cazl3 dnf5 5.1.11-3",
                "product": {
                  "name": "\u003cazl3 dnf5 5.1.11-3",
                  "product_id": "3"
                }
              },
              {
                "category": "product_version",
                "name": "azl3 dnf5 5.1.11-3",
                "product": {
                  "name": "azl3 dnf5 5.1.11-3",
                  "product_id": "19699"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003ccbl2 dnf5 5.0.14-2",
                "product": {
                  "name": "\u003ccbl2 dnf5 5.0.14-2",
                  "product_id": "2"
                }
              },
              {
                "category": "product_version",
                "name": "cbl2 dnf5 5.0.14-2",
                "product": {
                  "name": "cbl2 dnf5 5.0.14-2",
                  "product_id": "19708"
                }
              }
            ],
            "category": "product_name",
            "name": "dnf5"
          }
        ],
        "category": "vendor",
        "name": "Microsoft"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 dnf5 5.1.11-2 as a component of Azure Linux 3.0",
          "product_id": "17084-4"
        },
        "product_reference": "4",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 dnf5 5.1.11-2 as a component of Azure Linux 3.0",
          "product_id": "17747-17084"
        },
        "product_reference": "17747",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 dnf5 5.0.14-3 as a component of CBL Mariner 2.0",
          "product_id": "17086-1"
        },
        "product_reference": "1",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 dnf5 5.0.14-3 as a component of CBL Mariner 2.0",
          "product_id": "20399-17086"
        },
        "product_reference": "20399",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003cazl3 dnf5 5.1.11-3 as a component of Azure Linux 3.0",
          "product_id": "17084-3"
        },
        "product_reference": "3",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "azl3 dnf5 5.1.11-3 as a component of Azure Linux 3.0",
          "product_id": "19699-17084"
        },
        "product_reference": "19699",
        "relates_to_product_reference": "17084"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "\u003ccbl2 dnf5 5.0.14-2 as a component of CBL Mariner 2.0",
          "product_id": "17086-2"
        },
        "product_reference": "2",
        "relates_to_product_reference": "17086"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "cbl2 dnf5 5.0.14-2 as a component of CBL Mariner 2.0",
          "product_id": "19708-17086"
        },
        "product_reference": "19708",
        "relates_to_product_reference": "17086"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-1930",
      "cwe": {
        "id": "CWE-400",
        "name": "Uncontrolled Resource Consumption"
      },
      "notes": [
        {
          "category": "general",
          "text": "fedora",
          "title": "Assigning CNA"
        }
      ],
      "product_status": {
        "fixed": [
          "17747-17084",
          "20399-17086",
          "19699-17084",
          "19708-17086"
        ],
        "known_affected": [
          "17084-4",
          "17086-1",
          "17084-3",
          "17086-2"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "CVE-2024-1930 No Limit on Number of Open Sessions / Bad Session Close Behaviour - VEX",
          "url": "https://msrc.microsoft.com/csaf/vex/2024/msrc_cve-2024-1930.json"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-09-03T19:32:32.000Z",
          "details": "5.1.11-2:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17084-4",
            "17084-3"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        },
        {
          "category": "vendor_fix",
          "date": "2025-09-03T19:32:32.000Z",
          "details": "5.0.14-3:Security Update:https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade",
          "product_ids": [
            "17086-1",
            "17086-2"
          ],
          "url": "https://learn.microsoft.com/en-us/azure/azure-linux/tutorial-azure-linux-upgrade"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "environmentalsScore": 0.0,
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "temporalScore": 6.5,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "17084-4",
            "17086-1",
            "17084-3",
            "17086-2"
          ]
        }
      ],
      "title": "No Limit on Number of Open Sessions / Bad Session Close Behaviour"
    }
  ]
}

FKIE_CVE-2024-1930

Vulnerability from fkie_nvd - Published: 2024-05-08 02:15 - Updated: 2025-08-07 17:21

Severity ?

6.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Summary

References

	URL	Tags
	patrick@puiterwijk.org	https://www.openwall.com/lists/oss-security/2024/03/04/2	Exploit, Mailing List, Third Party Advisory
	af854a3a-2127-422b-91ae-364da2661108	https://www.openwall.com/lists/oss-security/2024/03/04/2	Exploit, Mailing List, Third Party Advisory

Impacted products

	Vendor	Product	Version
	rpm-software-management	dnf5	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rpm-software-management:dnf5:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "011EF61C-CD6B-48B4-8E4B-EC5E3C9841AB",
              "versionEndExcluding": "5.1.17",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\n\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\n\n"
    },
    {
      "lang": "es",
      "value": "Sin l\u00edmite en el n\u00famero de sesiones abiertas / mal comportamiento de cierre de sesi\u00f3n en dnf5daemon-server anterior a 5.1.17 permite que un usuario malintencionado afecte la disponibilidad mediante Sin l\u00edmite en el n\u00famero de sesiones abiertas. No hay l\u00edmite en la cantidad de sesiones que los clientes D-Bus pueden crear usando el m\u00e9todo D-Bus `open_session()`. Para cada sesi\u00f3n se crea un hilo en dnf5daemon-server. Esto gasta un par de cientos de megabytes de memoria en el proceso. Ser\u00e1 imposible realizar m\u00e1s conexiones, probablemente porque el servicio D-Bus no puede generar m\u00e1s subprocesos."
    }
  ],
  "id": "CVE-2024-1930",
  "lastModified": "2025-08-07T17:21:11.740",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "LOCAL",
          "availabilityImpact": "HIGH",
          "baseScore": 6.5,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.0,
        "impactScore": 4.0,
        "source": "patrick@puiterwijk.org",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-05-08T02:15:09.503",
  "references": [
    {
      "source": "patrick@puiterwijk.org",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"
    }
  ],
  "sourceIdentifier": "patrick@puiterwijk.org",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-400"
        }
      ],
      "source": "patrick@puiterwijk.org",
      "type": "Secondary"
    }
  ]
}

GHSA-P6MC-XXVV-R37F

Vulnerability from github – Published: 2024-05-08 03:30 – Updated: 2024-05-08 03:30

Details

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions.

There is no limit on how many sessions D-Bus clients may create using the open_session() D-Bus method. For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.

Severity ?

6.5 (Medium)


                  
                    CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-1930"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-400"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-05-08T02:15:09Z",
    "severity": "MODERATE"
  },
  "details": "No Limit on Number of Open Sessions / Bad Session Close Behaviour  in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\n\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\n\n",
  "id": "GHSA-p6mc-xxvv-r37f",
  "modified": "2024-05-08T03:30:37Z",
  "published": "2024-05-08T03:30:37Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1930"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GSD-2024-1930

Vulnerability from gsd - Updated: 2024-02-28 06:02

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2024-1930

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-1930"
      ],
      "id": "GSD-2024-1930",
      "modified": "2024-02-28T06:02:28.879033Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-1930",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

WID-SEC-W-2024-0548

Vulnerability from csaf_certbund - Published: 2024-03-04 23:00 - Updated: 2024-03-04 23:00

Summary

Linux: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Linux ist ein verbreitetes Open Source Betriebssystem.

Angriff

Ein lokaler Angreifer kann mehrere Schwachstellen in Linux ausnutzen, um seine Privilegien zu erhöhen oder einen Denial of Service Zustand herbeizuführen.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Linux ist ein verbreitetes Open Source Betriebssystem.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein lokaler Angreifer kann mehrere Schwachstellen in Linux ausnutzen, um seine Privilegien zu erh\u00f6hen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0548 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0548.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0548 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0548"
      },
      {
        "category": "external",
        "summary": "OSS-Sec Mailing List vom 2024-03-04",
        "url": "https://seclists.org/oss-sec/2024/q1/186"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2024-03-04T23:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:06:05.209+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0548",
      "initial_release_date": "2024-03-04T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-03-04T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux",
            "product": {
              "name": "Open Source Linux",
              "product_id": "T028605",
              "product_identification_helper": {
                "cpe": "cpe:/o:open_source:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-1929",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in verschiedenen Linux Distributionen. Der Fehler besteht in der Komponente \"dnf5daemon\" und ist auf eine unzureichende Absicherung gegen eine Privilegienerweiterung. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um seine Privilegien zu erweitern."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028605"
        ]
      },
      "release_date": "2024-03-04T23:00:00.000+00:00",
      "title": "CVE-2024-1929"
    },
    {
      "cve": "CVE-2024-1930",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in verschiedenen Linux Distributionen. Der Fehler besteht in der Komponente \"dnf5daemon\" und ist darauf zur\u00fcckzuf\u00fchren, dass die Nummer der gleichzeitig offenen Sessions nicht limitiert wird. Ein lokaler Angreifer kann diese Schwachstelle ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren."
        }
      ],
      "product_status": {
        "known_affected": [
          "T028605"
        ]
      },
      "release_date": "2024-03-04T23:00:00.000+00:00",
      "title": "CVE-2024-1930"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2024-1930 (GCVE-0-2024-1930)

MSRC_CVE-2024-1930

FKIE_CVE-2024-1930

GHSA-P6MC-XXVV-R37F

GSD-2024-1930

WID-SEC-W-2024-0548

Tags

Sightings

Nomenclature