csaf_certbund - wid-sec-w-2024-0995

WID-SEC-W-2024-0995

Vulnerability from csaf_certbund - Published: 2024-04-29 22:00 - Updated: 2025-11-17 23:00

Summary

Red Hat Enterprise Linux: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder seine Privilegien zu erweitern.

Betroffene Betriebssysteme

- Linux

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen offenzulegen, Dateien zu manipulieren oder seine Privilegien zu erweitern.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0995 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0995.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0995 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0995"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2137"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2147"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2295"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2337"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2366"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2396"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2512"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2199"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2204"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-04-29",
        "url": "https://access.redhat.com/errata/RHSA-2024:2438"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3105 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3105"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3120 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3120"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3044 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3044"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3139 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3139"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3163 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3163"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:3008 vom 2024-05-22",
        "url": "https://access.redhat.com/errata/RHSA-2024:3008"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-3044 vom 2024-05-28",
        "url": "https://linux.oracle.com/errata/ELSA-2024-3044.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:0136-2 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018909.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2024:2375-1 vom 2024-07-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2024-July/018915.html"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202409-06 vom 2024-09-22",
        "url": "https://security.gentoo.org/glsa/202409-06"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10965 vom 2024-12-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:10965"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-11250 vom 2024-12-19",
        "url": "https://linux.oracle.com/errata/ELSA-2024-11250.html"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7266-1 vom 2025-02-13",
        "url": "https://ubuntu.com/security/notices/USN-7266-1"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13098 vom 2025-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:13098"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13100 vom 2025-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:13100"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13101 vom 2025-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:13101"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13103 vom 2025-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:13103"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13104 vom 2025-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:13104"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:13102 vom 2025-08-06",
        "url": "https://access.redhat.com/errata/RHSA-2025:13102"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:14553 vom 2025-08-26",
        "url": "https://access.redhat.com/errata/RHSA-2025:14553"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-14553 vom 2025-08-26",
        "url": "https://linux.oracle.com/errata/ELSA-2025-14553.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:15874 vom 2025-09-16",
        "url": "https://access.redhat.com/errata/RHSA-2025:15874"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2025-15874 vom 2025-09-17",
        "url": "https://linux.oracle.com/errata/ELSA-2025-15874.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2025:15874 vom 2025-10-10",
        "url": "https://errata.build.resf.org/RLSA-2025:15874"
      },
      {
        "category": "external",
        "summary": "Ubuntu Security Notice USN-7870-1 vom 2025-11-18",
        "url": "https://ubuntu.com/security/notices/USN-7870-1"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-17T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-18T08:17:28.561+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.5.0"
        }
      },
      "id": "WID-SEC-W-2024-0995",
      "initial_release_date": "2024-04-29T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-29T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-05-21T22:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-05-28T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-07-09T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2024-09-22T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Gentoo aufgenommen"
        },
        {
          "date": "2024-12-11T23:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2024-12-19T23:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-02-12T23:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        },
        {
          "date": "2025-08-05T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-08-25T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-08-26T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-09-15T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-09-16T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2025-10-09T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
        },
        {
          "date": "2025-11-17T23:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Ubuntu aufgenommen"
        }
      ],
      "status": "final",
      "version": "15"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "Red Hat Enterprise Linux 9",
                  "product_id": "T034465",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "8",
                "product": {
                  "name": "Red Hat Enterprise Linux 8",
                  "product_id": "T034466",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:8"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "7",
                "product": {
                  "name": "Red Hat Enterprise Linux 7",
                  "product_id": "T034467",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:7"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Ubuntu Linux",
            "product": {
              "name": "Ubuntu Linux",
              "product_id": "T000126",
              "product_identification_helper": {
                "cpe": "cpe:/o:canonical:ubuntu_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Ubuntu"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2021-29390",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2021-29390"
    },
    {
      "cve": "CVE-2022-48554",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2022-48554"
    },
    {
      "cve": "CVE-2023-1729",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2023-1729"
    },
    {
      "cve": "CVE-2023-49083",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2023-49083"
    },
    {
      "cve": "CVE-2023-5215",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2023-5215"
    },
    {
      "cve": "CVE-2023-5871",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2023-5871"
    },
    {
      "cve": "CVE-2024-1481",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2024-1481"
    },
    {
      "cve": "CVE-2024-22365",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2024-22365"
    },
    {
      "cve": "CVE-2024-24258",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2024-24258"
    },
    {
      "cve": "CVE-2024-24259",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2024-24259"
    },
    {
      "cve": "CVE-2021-40153",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2021-40153"
    },
    {
      "cve": "CVE-2021-41072",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2021-41072"
    },
    {
      "cve": "CVE-2023-41915",
      "product_status": {
        "known_affected": [
          "T034467",
          "T002207",
          "67646",
          "T000126",
          "T012167",
          "T004914",
          "T034466",
          "T032255",
          "T034465"
        ]
      },
      "release_date": "2024-04-29T22:00:00.000+00:00",
      "title": "CVE-2023-41915"
    }
  ]
}

CVE-2024-22365 (GCVE-0-2024-22365)

Vulnerability from cvelistv5 – Published: 2024-02-06 00:00 – Updated: 2025-11-03 18:08

Summary

linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/linux-pam/linux-pam
	http://www.openwall.com/lists/oss-security/2024/01/18/3
	https://github.com/linux-pam/linux-pam/releases/t…
	https://github.com/linux-pam/linux-pam/commit/031…

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 5.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-22365",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-15T21:07:13.510998Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-664",
                "description": "CWE-664 Improper Control of a Resource Through its Lifetime",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-05T16:13:13.334Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T18:08:12.740Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/linux-pam/linux-pam"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/01/18/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00021.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "linux-pam (aka Linux PAM) before 1.6.0 allows attackers to cause a denial of service (blocked login process) via mkfifo because the openat call (for protect_dir) lacks O_DIRECTORY."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-06T07:26:23.317Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/linux-pam/linux-pam"
        },
        {
          "url": "http://www.openwall.com/lists/oss-security/2024/01/18/3"
        },
        {
          "url": "https://github.com/linux-pam/linux-pam/releases/tag/v1.6.0"
        },
        {
          "url": "https://github.com/linux-pam/linux-pam/commit/031bb5a5d0d950253b68138b498dc93be69a64cb"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-22365",
    "datePublished": "2024-02-06T00:00:00.000Z",
    "dateReserved": "2024-01-09T00:00:00.000Z",
    "dateUpdated": "2025-11-03T18:08:12.740Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-41915 (GCVE-0-2023-41915)

Vulnerability from cvelistv5 – Published: 2023-09-09 00:00 – Updated: 2024-08-02 19:09

Summary

OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://docs.openpmix.org/en/latest/security.html
	https://github.com/openpmix/openpmix/releases/tag…
	https://github.com/openpmix/openpmix/releases/tag…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://www.debian.org/security/2023/dsa-5547	vendor-advisory
	http://www.openwall.com/lists/oss-security/2024/07/10/3	mailing-list
	http://www.openwall.com/lists/oss-security/2024/07/10/4	mailing-list
	http://www.openwall.com/lists/oss-security/2024/07/10/6	mailing-list
	http://www.openwall.com/lists/oss-security/2024/07/11/3	mailing-list

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T19:09:49.401Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.openpmix.org/en/latest/security.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openpmix/openpmix/releases/tag/v5.0.1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openpmix/openpmix/releases/tag/v4.2.6"
          },
          {
            "name": "FEDORA-2023-1185eca900",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFKIY6SNC3KQNZMVROWMIW6DI5XPNKQX/"
          },
          {
            "name": "FEDORA-2023-d6dbdf62ad",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYJ7IRNR6NHJMTNOV3E3W3D5MLDRDCJX/"
          },
          {
            "name": "FEDORA-2023-155d2f22f1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDLWSMQYXF2ZGOQKCG26H6ZZA5FEH7HX/"
          },
          {
            "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3643-1] pmix security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00048.html"
          },
          {
            "name": "DSA-5547",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5547"
          },
          {
            "name": "[oss-security] 20240710 linux-distros application for CentOS Project\u0027s Hyperscale SIG",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
          },
          {
            "name": "[oss-security] 20240710 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
          },
          {
            "name": "[oss-security] 20240710 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
          },
          {
            "name": "[oss-security] 20240710 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "OpenPMIx PMIx before 4.2.6 and 5.0.x before 5.0.1 allows attackers to obtain ownership of arbitrary files via a race condition during execution of library code with UID 0."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-07-11T14:06:02.353199",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://docs.openpmix.org/en/latest/security.html"
        },
        {
          "url": "https://github.com/openpmix/openpmix/releases/tag/v5.0.1"
        },
        {
          "url": "https://github.com/openpmix/openpmix/releases/tag/v4.2.6"
        },
        {
          "name": "FEDORA-2023-1185eca900",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFKIY6SNC3KQNZMVROWMIW6DI5XPNKQX/"
        },
        {
          "name": "FEDORA-2023-d6dbdf62ad",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SYJ7IRNR6NHJMTNOV3E3W3D5MLDRDCJX/"
        },
        {
          "name": "FEDORA-2023-155d2f22f1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDLWSMQYXF2ZGOQKCG26H6ZZA5FEH7HX/"
        },
        {
          "name": "[debian-lts-announce] 20231031 [SECURITY] [DLA 3643-1] pmix security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00048.html"
        },
        {
          "name": "DSA-5547",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5547"
        },
        {
          "name": "[oss-security] 20240710 linux-distros application for CentOS Project\u0027s Hyperscale SIG",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
        },
        {
          "name": "[oss-security] 20240710 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
        },
        {
          "name": "[oss-security] 20240710 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
        },
        {
          "name": "[oss-security] 20240710 Re: linux-distros application for CentOS Project\u0027s Hyperscale SIG",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-41915",
    "datePublished": "2023-09-09T00:00:00",
    "dateReserved": "2023-09-05T00:00:00",
    "dateUpdated": "2024-08-02T19:09:49.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-24259 (GCVE-0-2024-24259)

Vulnerability from cvelistv5 – Published: 2024-02-05 00:00 – Updated: 2025-11-04 18:29

Summary

freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/yinluming13579/mupdf_defects/b…
	https://github.com/freeglut/freeglut/pull/155
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:29:01.831Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/freeglut/freeglut/pull/155"
          },
          {
            "name": "FEDORA-2024-b69a4d75a1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/"
          },
          {
            "name": "FEDORA-2024-0356803680",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-24259",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-08T17:18:03.564717Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-401",
                "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-15T19:48:04.672Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "freeglut through 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddMenuEntry function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-21T03:06:30.124Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_2.md"
        },
        {
          "url": "https://github.com/freeglut/freeglut/pull/155"
        },
        {
          "name": "FEDORA-2024-b69a4d75a1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/"
        },
        {
          "name": "FEDORA-2024-0356803680",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-24259",
    "datePublished": "2024-02-05T00:00:00.000Z",
    "dateReserved": "2024-01-25T00:00:00.000Z",
    "dateUpdated": "2025-11-04T18:29:01.831Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-1481 (GCVE-0-2024-1481)

Vulnerability from cvelistv5 – Published: 2024-04-10 20:39 – Updated: 2025-11-06 21:48

Summary

A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-20 - Improper Input Validation

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:2147	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:3044	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-1481	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2262169	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 4.10.1

Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8100020240307184541.6d180cd9 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8100020240307185118.fc00487d , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:4.11.0-9.el9_4 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::crb cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7

Credits

Red Hat would like to thank Sukhov Mikhail (Angara Security) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1481",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-11T15:43:06.494851Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-18T20:16:55.083Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:22:35.430Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:2147",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2147"
          },
          {
            "name": "RHSA-2024:3044",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3044"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-1481"
          },
          {
            "name": "RHBZ#2262169",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262169"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/03/msg00026.html"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FKTET3PAOMCHBXUUY37X556PVA3DFQES/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/freeipa/freeipa/",
          "defaultStatus": "unaffected",
          "packageName": "freeipa",
          "versions": [
            {
              "status": "affected",
              "version": "4.10.1"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240307184541.6d180cd9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240307185118.fc00487d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.11.0-9.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Sukhov Mikhail (Angara Security) for reporting this issue."
        }
      ],
      "datePublic": "2024-02-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in FreeIPA. This issue may allow a remote attacker to craft a HTTP request with parameters that can be interpreted as command arguments to kinit on the FreeIPA server, which can lead to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-06T21:48:38.355Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:2147",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2147"
        },
        {
          "name": "RHSA-2024:3044",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3044"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-1481"
        },
        {
          "name": "RHBZ#2262169",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2262169"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-01-23T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-02-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Freeipa: specially crafted http requests potentially lead to denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-1481",
    "datePublished": "2024-04-10T20:39:31.175Z",
    "dateReserved": "2024-02-13T19:10:00.649Z",
    "dateUpdated": "2025-11-06T21:48:38.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-5215 (GCVE-0-2023-5215)

Vulnerability from cvelistv5 – Published: 2023-09-28 13:55 – Updated: 2025-11-08 08:55

Summary

A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn't treat the return value of the nbd_get_size() function correctly.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-241 - Improper Handling of Unexpected Data Type

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:2204	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-5215	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2241041	issue-trackingx_refsource_REDHAT
	https://listman.redhat.com/archives/libguestfs/20…

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 9

Unaffected: 0:1.18.1-3.el9 , < * (rpm)
cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:enterprise_linux:9::crb

Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat Enterprise Linux 8 Advanced Virtualization	cpe:/a:redhat:advanced_virtualization:8::el8
Red Hat	Red Hat Enterprise Linux 8 Advanced Virtualization	cpe:/a:redhat:advanced_virtualization:8::el8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T07:52:07.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:2204",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2204"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5215"
          },
          {
            "name": "RHBZ#2241041",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241041"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://listman.redhat.com/archives/libguestfs/2023-September/032635.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "libnbd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.18.1-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel/libnbd",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/libnbd",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:av/libnbd",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-09-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libnbd. A server can reply with a block size larger than 2^63 (the NBD spec states the size is a 64-bit unsigned value). This issue could lead to an application crash or other unintended behavior for NBD clients that doesn\u0027t treat the return value of the nbd_get_size() function correctly."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-241",
              "description": "Improper Handling of Unexpected Data Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-08T08:55:24.112Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:2204",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2204"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5215"
        },
        {
          "name": "RHBZ#2241041",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2241041"
        },
        {
          "url": "https://listman.redhat.com/archives/libguestfs/2023-September/032635.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-09-21T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-09-21T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libnbd: crash or misbehaviour when nbd server returns an unexpected block size",
      "x_redhatCweChain": "CWE-241: Improper Handling of Unexpected Data Type"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5215",
    "datePublished": "2023-09-28T13:55:32.462Z",
    "dateReserved": "2023-09-26T21:54:47.184Z",
    "dateUpdated": "2025-11-08T08:55:24.112Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-49083 (GCVE-0-2023-49083)

Vulnerability from cvelistv5 – Published: 2023-11-29 18:50 – Updated: 2025-11-03 21:50

Summary

cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6.

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-476 - NULL Pointer Dereference

Assigner

GitHub_M

References

URL

Tags

	https://github.com/pyca/cryptography/security/adv…	x_refsource_CONFIRM
	https://github.com/pyca/cryptography/pull/9926	x_refsource_MISC
	https://github.com/pyca/cryptography/commit/f09c2…	x_refsource_MISC
	https://lists.fedoraproject.org/archives/list/pac…

Impacted products

	Vendor	Product	Version
	pyca	cryptography	Affected: >= 3.1, < 41.0.6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T21:50:11.841Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97"
          },
          {
            "name": "https://github.com/pyca/cryptography/pull/9926",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/pyca/cryptography/pull/9926"
          },
          {
            "name": "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMNTYMUGFJSDBYBU22FUYBHFRZODRKXV/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00012.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "cryptography",
          "vendor": "pyca",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 3.1, \u003c 41.0.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "cryptography is a package designed to expose cryptographic primitives and recipes to Python developers. Calling `load_pem_pkcs7_certificates` or `load_der_pkcs7_certificates` could lead to a NULL-pointer dereference and segfault. Exploitation of this vulnerability poses a serious risk of Denial of Service (DoS) for any application attempting to deserialize a PKCS7 blob/certificate. The consequences extend to potential disruptions in system availability and stability. This vulnerability has been patched in version 41.0.6."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "CWE-476: NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-17T02:06:11.686Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/pyca/cryptography/security/advisories/GHSA-jfhm-5ghh-2f97"
        },
        {
          "name": "https://github.com/pyca/cryptography/pull/9926",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pyca/cryptography/pull/9926"
        },
        {
          "name": "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/pyca/cryptography/commit/f09c261ca10a31fe41b1262306db7f8f1da0e48a"
        },
        {
          "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMNTYMUGFJSDBYBU22FUYBHFRZODRKXV/"
        }
      ],
      "source": {
        "advisory": "GHSA-jfhm-5ghh-2f97",
        "discovery": "UNKNOWN"
      },
      "title": "cryptography vulnerable to NULL-dereference when loading PKCS7 certificates"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2023-49083",
    "datePublished": "2023-11-29T18:50:24.263Z",
    "dateReserved": "2023-11-21T18:57:30.428Z",
    "dateUpdated": "2025-11-03T21:50:11.841Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-1729 (GCVE-0-2023-1729)

Vulnerability from cvelistv5 – Published: 2023-05-15 00:00 – Updated: 2024-08-02 05:57

Summary

A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.

Severity ?

No CVSS data available.

CWE

CWE-119 - >CWE-787

Assigner

redhat

References

URL

Tags

	https://github.com/LibRaw/LibRaw/issues/557
	https://bugzilla.redhat.com/show_bug.cgi?id=2188240
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2023…	mailing-list
	https://www.debian.org/security/2023/dsa-5412	vendor-advisory
	https://security.gentoo.org/glsa/202312-08	vendor-advisory

Impacted products

	Vendor	Product	Version
	n/a	LibRaw	Affected: LibRaw 0.21.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T05:57:24.974Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/LibRaw/LibRaw/issues/557"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188240"
          },
          {
            "name": "FEDORA-2023-b19f236bc7",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E5ZJ3UBTJBZHNPJQFOSGM5L7WAHHE2GY/"
          },
          {
            "name": "FEDORA-2023-88c87f6191",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGZ6XF5WTPJ4GLXQ62JVRDZSVSJHXNQU/"
          },
          {
            "name": "[debian-lts-announce] 20230527 [SECURITY] [DLA 3433-1] libraw security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html"
          },
          {
            "name": "DSA-5412",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5412"
          },
          {
            "name": "GLSA-202312-08",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202312-08"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "LibRaw",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "LibRaw 0.21.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "CWE-119-\u003eCWE-787",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-12-22T13:06:23.193897",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://github.com/LibRaw/LibRaw/issues/557"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2188240"
        },
        {
          "name": "FEDORA-2023-b19f236bc7",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/E5ZJ3UBTJBZHNPJQFOSGM5L7WAHHE2GY/"
        },
        {
          "name": "FEDORA-2023-88c87f6191",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AGZ6XF5WTPJ4GLXQ62JVRDZSVSJHXNQU/"
        },
        {
          "name": "[debian-lts-announce] 20230527 [SECURITY] [DLA 3433-1] libraw security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00025.html"
        },
        {
          "name": "DSA-5412",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5412"
        },
        {
          "name": "GLSA-202312-08",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202312-08"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-1729",
    "datePublished": "2023-05-15T00:00:00",
    "dateReserved": "2023-03-30T00:00:00",
    "dateUpdated": "2024-08-02T05:57:24.974Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-41072 (GCVE-0-2021-41072)

Vulnerability from cvelistv5 – Published: 2021-09-14 00:00 – Updated: 2024-08-04 02:59

Summary

squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/plougher/squashfs-tools/commit…
	https://github.com/plougher/squashfs-tools/issues…
	https://www.debian.org/security/2021/dsa-4987	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2021…	mailing-list
	https://security.gentoo.org/glsa/202305-29	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:59:31.057Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/plougher/squashfs-tools/commit/e0485802ec72996c20026da320650d8362f555bd"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/plougher/squashfs-tools/issues/72#issuecomment-913833405"
          },
          {
            "name": "DSA-4987",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4987"
          },
          {
            "name": "[debian-lts-announce] 20211020 [SECURITY] [DLA 2789-1] squashfs-tools security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00017.html"
          },
          {
            "name": "GLSA-202305-29",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202305-29"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "squashfs_opendir in unsquash-2.c in Squashfs-Tools 4.5 allows Directory Traversal, a different vulnerability than CVE-2021-40153. A squashfs filesystem that has been crafted to include a symbolic link and then contents under the same filename in a filesystem can cause unsquashfs to first create the symbolic link pointing outside the expected directory, and then the subsequent write operation will cause the unsquashfs process to write through the symbolic link elsewhere in the filesystem."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-30T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/plougher/squashfs-tools/commit/e0485802ec72996c20026da320650d8362f555bd"
        },
        {
          "url": "https://github.com/plougher/squashfs-tools/issues/72#issuecomment-913833405"
        },
        {
          "name": "DSA-4987",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4987"
        },
        {
          "name": "[debian-lts-announce] 20211020 [SECURITY] [DLA 2789-1] squashfs-tools security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/10/msg00017.html"
        },
        {
          "name": "GLSA-202305-29",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202305-29"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-41072",
    "datePublished": "2021-09-14T00:00:00",
    "dateReserved": "2021-09-14T00:00:00",
    "dateUpdated": "2024-08-04T02:59:31.057Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-40153 (GCVE-0-2021-40153)

Vulnerability from cvelistv5 – Published: 2021-08-27 00:00 – Updated: 2024-08-04 02:27

Summary

squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/plougher/squashfs-tools/commit…
	https://github.com/plougher/squashfs-tools/issues/72
	https://bugs.launchpad.net/ubuntu/+source/squashf…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.debian.org/debian-lts-announce/2021…	mailing-list
	https://www.debian.org/security/2021/dsa-4967	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://security.gentoo.org/glsa/202305-29	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T02:27:31.648Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/plougher/squashfs-tools/issues/72"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.launchpad.net/ubuntu/+source/squashfs-tools/+bug/1941790"
          },
          {
            "name": "FEDORA-2021-cdbd827c1e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAOZ4BKWAC4Y3U2K5MMW3S77HWWXHQDL/"
          },
          {
            "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2752-1] squashfs-tools security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00030.html"
          },
          {
            "name": "DSA-4967",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2021/dsa-4967"
          },
          {
            "name": "FEDORA-2021-9fb6da134f",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSMRKVJMJFX3MB7D3PXJSYY3TLZROE5S/"
          },
          {
            "name": "GLSA-202305-29",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://security.gentoo.org/glsa/202305-29"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "squashfs_opendir in unsquash-1.c in Squashfs-Tools 4.5 stores the filename in the directory entry; this is then used by unsquashfs to create the new file during the unsquash. The filename is not validated for traversal outside of the destination directory, and thus allows writing to locations outside of the destination."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-05-30T00:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/plougher/squashfs-tools/commit/79b5a555058eef4e1e7ff220c344d39f8cd09646"
        },
        {
          "url": "https://github.com/plougher/squashfs-tools/issues/72"
        },
        {
          "url": "https://bugs.launchpad.net/ubuntu/+source/squashfs-tools/+bug/1941790"
        },
        {
          "name": "FEDORA-2021-cdbd827c1e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RAOZ4BKWAC4Y3U2K5MMW3S77HWWXHQDL/"
        },
        {
          "name": "[debian-lts-announce] 20210831 [SECURITY] [DLA 2752-1] squashfs-tools security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/08/msg00030.html"
        },
        {
          "name": "DSA-4967",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2021/dsa-4967"
        },
        {
          "name": "FEDORA-2021-9fb6da134f",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GSMRKVJMJFX3MB7D3PXJSYY3TLZROE5S/"
        },
        {
          "name": "GLSA-202305-29",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://security.gentoo.org/glsa/202305-29"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-40153",
    "datePublished": "2021-08-27T00:00:00",
    "dateReserved": "2021-08-27T00:00:00",
    "dateUpdated": "2024-08-04T02:27:31.648Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2022-48554 (GCVE-0-2022-48554)

Vulnerability from cvelistv5 – Published: 2023-08-22 00:00 – Updated: 2024-08-03 15:17

Summary

File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://bugs.astron.com/view.php?id=310
	https://www.debian.org/security/2023/dsa-5489	vendor-advisory
	https://security.netapp.com/advisory/ntap-2023111…
	https://support.apple.com/kb/HT214081
	https://support.apple.com/kb/HT214088
	https://support.apple.com/kb/HT214084
	https://support.apple.com/kb/HT214086
	http://seclists.org/fulldisclosure/2024/Mar/21	mailing-list
	http://seclists.org/fulldisclosure/2024/Mar/25	mailing-list
	http://seclists.org/fulldisclosure/2024/Mar/24	mailing-list

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T15:17:55.372Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.astron.com/view.php?id=310"
          },
          {
            "name": "DSA-5489",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5489"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20231116-0002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214081"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214088"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214084"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214086"
          },
          {
            "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
          },
          {
            "name": "20240313 APPLE-SA-03-07-2024-6 tvOS 17.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Mar/25"
          },
          {
            "name": "20240313 APPLE-SA-03-07-2024-5 watchOS 10.4",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Mar/24"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: \"File\" is the name of an Open Source project."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-13T22:07:17.737915",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugs.astron.com/view.php?id=310"
        },
        {
          "name": "DSA-5489",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.debian.org/security/2023/dsa-5489"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20231116-0002/"
        },
        {
          "url": "https://support.apple.com/kb/HT214081"
        },
        {
          "url": "https://support.apple.com/kb/HT214088"
        },
        {
          "url": "https://support.apple.com/kb/HT214084"
        },
        {
          "url": "https://support.apple.com/kb/HT214086"
        },
        {
          "name": "20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Mar/21"
        },
        {
          "name": "20240313 APPLE-SA-03-07-2024-6 tvOS 17.4",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Mar/25"
        },
        {
          "name": "20240313 APPLE-SA-03-07-2024-5 watchOS 10.4",
          "tags": [
            "mailing-list"
          ],
          "url": "http://seclists.org/fulldisclosure/2024/Mar/24"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-48554",
    "datePublished": "2023-08-22T00:00:00",
    "dateReserved": "2023-07-23T00:00:00",
    "dateUpdated": "2024-08-03T15:17:55.372Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2021-29390 (GCVE-0-2021-29390)

Vulnerability from cvelistv5 – Published: 2023-08-22 00:00 – Updated: 2024-10-04 16:11

Summary

libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c.

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://bugzilla.redhat.com/show_bug.cgi?id=1943797
	https://github.com/libjpeg-turbo/libjpeg-turbo/bl…
	https://github.com/libjpeg-turbo/libjpeg-turbo/co…
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T22:02:51.858Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943797"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c"
          },
          {
            "name": "FEDORA-2023-d79ff22c5b",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/"
          },
          {
            "name": "FEDORA-2023-3bfb63f6d2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"
          },
          {
            "name": "FEDORA-2023-b427f54e68",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-29390",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-04T16:08:32.914099Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-04T16:11:31.673Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-21T02:07:13.454726",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1943797"
        },
        {
          "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/blob/4e52b66f342a803d3b8099b79607e3158d3a241c/jdcoefct.c#L595"
        },
        {
          "url": "https://github.com/libjpeg-turbo/libjpeg-turbo/commits/main/jdcoefct.c"
        },
        {
          "name": "FEDORA-2023-d79ff22c5b",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/27NR3KG553CG6LGPMP6SHWEVHTYPL6RC/"
        },
        {
          "name": "FEDORA-2023-3bfb63f6d2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6T655QF7CQ3DYAMPFV7IECQYGDEUIVVT/"
        },
        {
          "name": "FEDORA-2023-b427f54e68",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KUQ7CTX3W372X3UY56VVNAHCH6H2F4X3/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-29390",
    "datePublished": "2023-08-22T00:00:00",
    "dateReserved": "2021-03-29T00:00:00",
    "dateUpdated": "2024-10-04T16:11:31.673Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5871 (GCVE-0-2023-5871)

Vulnerability from cvelistv5 – Published: 2023-11-27 11:58 – Updated: 2025-11-20 18:07

Summary

A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-617 - Reachable Assertion

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:2204	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-5871	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2247308	issue-trackingx_refsource_REDHAT
	https://lists.libguestfs.org/archives/list/guestf…

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 9

Unaffected: 0:1.18.1-3.el9 , < * (rpm)
cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:enterprise_linux:9::crb

Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:14:24.747Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:2204",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2204"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-5871"
          },
          {
            "name": "RHBZ#2247308",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247308"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/PFVUCMPFQUDC23JXSCUUPXIGDZ7XCFMD/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "libnbd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.18.1-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libnbd",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libnbd",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "virt:rhel/libnbd",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-10-31T19:11:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libnbd, due to a malicious Network Block Device (NBD), a protocol for accessing Block Devices such as hard disks over a Network. This issue may allow a malicious NBD server to cause a Denial of Service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T18:07:22.926Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:2204",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2204"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5871"
        },
        {
          "name": "RHBZ#2247308",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2247308"
        },
        {
          "url": "https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/PFVUCMPFQUDC23JXSCUUPXIGDZ7XCFMD/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-31T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-10-31T19:11:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libnbd: malicious nbd server may crash libnbd",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-617: Reachable Assertion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-5871",
    "datePublished": "2023-11-27T11:58:44.737Z",
    "dateReserved": "2023-10-31T05:04:33.007Z",
    "dateUpdated": "2025-11-20T18:07:22.926Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-24258 (GCVE-0-2024-24258)

Vulnerability from cvelistv5 – Published: 2024-02-05 00:00 – Updated: 2025-11-04 18:29

Summary

freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function.

Severity ?

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/yinluming13579/mupdf_defects/b…
	https://github.com/freeglut/freeglut/pull/155
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory
	https://lists.fedoraproject.org/archives/list/pac…	vendor-advisory

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-24258",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-07T15:30:52.703759Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-401",
                "description": "CWE-401 Missing Release of Memory after Effective Lifetime",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-05T18:26:21.901Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T18:29:00.570Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/freeglut/freeglut/pull/155"
          },
          {
            "name": "FEDORA-2024-b69a4d75a1",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/"
          },
          {
            "name": "FEDORA-2024-0356803680",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "freeglut 3.4.0 was discovered to contain a memory leak via the menuEntry variable in the glutAddSubMenu function."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-21T03:06:28.321Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/yinluming13579/mupdf_defects/blob/main/mupdf_detect_1.md"
        },
        {
          "url": "https://github.com/freeglut/freeglut/pull/155"
        },
        {
          "name": "FEDORA-2024-b69a4d75a1",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T43DAHPIWMGN54E4I6ABLHNYHZSTX7H5/"
        },
        {
          "name": "FEDORA-2024-0356803680",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6IBAWX3HMMZVAWJZ3U6VOAYYOYJCN3IS/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-24258",
    "datePublished": "2024-02-05T00:00:00.000Z",
    "dateReserved": "2024-01-25T00:00:00.000Z",
    "dateUpdated": "2025-11-04T18:29:00.570Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-0995

CVE-2024-22365 (GCVE-0-2024-22365)

CVE-2023-41915 (GCVE-0-2023-41915)

CVE-2024-24259 (GCVE-0-2024-24259)

CVE-2024-1481 (GCVE-0-2024-1481)

CVE-2023-5215 (GCVE-0-2023-5215)

CVE-2023-49083 (GCVE-0-2023-49083)

CVE-2023-1729 (GCVE-0-2023-1729)

CVE-2021-41072 (GCVE-0-2021-41072)

CVE-2021-40153 (GCVE-0-2021-40153)

CVE-2022-48554 (GCVE-0-2022-48554)

CVE-2021-29390 (GCVE-0-2021-29390)

CVE-2023-5871 (GCVE-0-2023-5871)

CVE-2024-24258 (GCVE-0-2024-24258)

Tags

Sightings

Nomenclature