Vulnerabilites related to Red Hat - Red Hat Enterprise Linux 10
CVE-2024-3019 (GCVE-0-2024-3019)
Vulnerability from cvelistv5
Published
2024-03-28 18:32
Modified
2025-07-05 02:25
CWE
  • CWE-668 - Exposure of Resource to Wrong Sphere
Summary
A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the 'Metrics settings' page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer.
References
https://access.redhat.com/errata/RHSA-2024:2566 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3264 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3321 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3322 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3323 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3324 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3325 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3392 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3019 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2271898 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 4.3.4   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:5.3.7-20.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:5.0.2-8.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:5.2.5-7.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:5.2.5-7.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:5.2.5-7.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:5.3.5-9.el8_6   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:5.3.7-18.el8_8   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:6.2.0-2.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:5.3.5-9.el9_0   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:6.0.1-6.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3019",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-25T19:20:31.653267Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:32:49.182Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:32:42.516Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:2566",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2566"
          },
          {
            "name": "RHSA-2024:3264",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3264"
          },
          {
            "name": "RHSA-2024:3321",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3321"
          },
          {
            "name": "RHSA-2024:3322",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3322"
          },
          {
            "name": "RHSA-2024:3323",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3323"
          },
          {
            "name": "RHSA-2024:3324",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3324"
          },
          {
            "name": "RHSA-2024:3325",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3325"
          },
          {
            "name": "RHSA-2024:3392",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3392"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3019"
          },
          {
            "name": "RHBZ#2271898",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271898"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/performancecopilot/pcp/",
          "defaultStatus": "unaffected",
          "packageName": "pcp",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "4.3.4",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.7-20.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.0.2-8.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-7.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-7.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-7.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-9.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.7-18.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.2.0-2.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-9.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.0.1-6.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jihwan Yoon (NAVER Cloud Security Analysis) for reporting this issue."
        }
      ],
      "datePublic": "2024-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PCP. The default pmproxy configuration exposes the Redis server backend to the local network, allowing remote command execution with the privileges of the Redis user. This issue can only be exploited when pmproxy is running. By default, pmproxy is not running and needs to be started manually. The pmproxy service is usually started from the \u0027Metrics settings\u0027 page of the Cockpit web interface. This flaw affects PCP versions 4.3.4 and newer."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-668",
              "description": "Exposure of Resource to Wrong Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T02:25:29.021Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:2566",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2566"
        },
        {
          "name": "RHSA-2024:3264",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3264"
        },
        {
          "name": "RHSA-2024:3321",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3321"
        },
        {
          "name": "RHSA-2024:3322",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3322"
        },
        {
          "name": "RHSA-2024:3323",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3323"
        },
        {
          "name": "RHSA-2024:3324",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3324"
        },
        {
          "name": "RHSA-2024:3325",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3325"
        },
        {
          "name": "RHSA-2024:3392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3392"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3019"
        },
        {
          "name": "RHBZ#2271898",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271898"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-27T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-27T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Pcp: exposure of the redis server backend allows remote command execution via pmproxy",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this flaw, stop and disable the pmproxy.service or disable the Redis server backend via the pmproxy configuration file.\n\nTo stop and disable the pmproxy.service, run the following command:\n~~~\n# systemctl disable --now pmproxy.service\n~~~\n\nTo disable the Redis backend server via the pmproxy configuration file:\n~~~\n# sed -i \u0027s/redis.enabled = true/redis.enabled = false/g\u0027 /etc/pcp/pmproxy/pmproxy.conf\n# systemctl restart pmproxy.service\n~~~"
        }
      ],
      "x_redhatCweChain": "CWE-668: Exposure of Resource to Wrong Sphere"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3019",
    "datePublished": "2024-03-28T18:32:43.298Z",
    "dateReserved": "2024-03-27T17:41:16.708Z",
    "dateUpdated": "2025-07-05T02:25:29.021Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12088 (GCVE-0-2024-12088)
Vulnerability from cvelistv5
Published
2025-01-14 17:38
Modified
2025-08-12 20:37
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory.
References
Impacted products
Vendor Product Version
Version: 0    3.3.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-21.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.5-3.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.5-3.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12088",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T14:13:08.347346Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T14:13:22.355Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RsyncProject/rsync",
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-21.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.5-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.5-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue."
        }
      ],
      "datePublic": "2025-01-14T15:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in rsync. When using the `--safe-links` option, the rsync client fails to properly verify if a symbolic link destination sent from the server contains another symbolic link within it. This results in a path traversal vulnerability, which may lead to arbitrary file write outside the desired directory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T20:37:26.103Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2600",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2600"
        },
        {
          "name": "RHSA-2025:7050",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7050"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12088"
        },
        {
          "name": "RHBZ#2330676",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330676"
        },
        {
          "url": "https://kb.cert.org/vuls/id/952657"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-05T21:55:22.700000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-14T15:06:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rsync: --safe-links option bypass leads to path traversal",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12088",
    "datePublished": "2025-01-14T17:38:34.890Z",
    "dateReserved": "2024-12-03T08:58:08.307Z",
    "dateUpdated": "2025-08-12T20:37:26.103Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10041 (GCVE-0-2024-10041)
Vulnerability from cvelistv5
Published
2024-10-23 13:46
Modified
2025-07-29 09:27
CWE
  • CWE-922 - Insecure Storage of Sensitive Information
Summary
A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications.
References
https://access.redhat.com/errata/RHSA-2024:10379 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:11250 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9941 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-10041 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2319212 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.6.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-36.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-21.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-21.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-21.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10041",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-23T14:35:15.520510Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-922",
                "description": "CWE-922 Insecure Storage of Sensitive Information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-04T17:03:47.703Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/linux-pam/linux-pam",
          "defaultStatus": "unaffected",
          "packageName": "pam",
          "versions": [
            {
              "lessThan": "1.6.0",
              "status": "affected",
              "version": "1.6.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.1-36.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-21.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-21.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-21.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-10-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in PAM. The secret information is stored in memory, where the attacker can trigger the victim program to execute by sending characters to its standard input (stdin). As this occurs, the attacker can train the branch predictor to execute an ROP chain speculatively. This flaw could result in leaked passwords, such as those found in /etc/shadow while performing authentications."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-922",
              "description": "Insecure Storage of Sensitive Information",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:27:24.696Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10379",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10379"
        },
        {
          "name": "RHSA-2024:11250",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:11250"
        },
        {
          "name": "RHSA-2024:9941",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9941"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-10041"
        },
        {
          "name": "RHBZ#2319212",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2319212"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-16T15:08:30.331000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-18T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Pam: libpam: libpam vulnerable to read hashed password",
      "workarounds": [
        {
          "lang": "en",
          "value": "This vulnerability is mitigated if SELinux is in Enforcing mode.\n\nTo verify if SELinux is in Enforcing mode, the output of the `getenforce` command will return `Enforcing\u0027, see the example below:\n\n~~~\n$ getenforce\nEnforcing\n~~~\n\nTo more information about SELinux, specifically how to set it to Enforcing mode, see the links below.\n\nhttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html-single/using_selinux/index#changing-to-enforcing-mode_changing-selinux-states-and-modes\nhttps://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html-single/using_selinux/index#changing-to-enforcing-mode_changing-selinux-states-and-modes"
        }
      ],
      "x_redhatCweChain": "CWE-922: Insecure Storage of Sensitive Information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-10041",
    "datePublished": "2024-10-23T13:46:27.963Z",
    "dateReserved": "2024-10-16T16:13:54.632Z",
    "dateUpdated": "2025-07-29T09:27:24.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45778 (GCVE-0-2024-45778)
Vulnerability from cvelistv5
Published
2025-03-03 17:05
Modified
2025-07-29 09:40
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45778",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T16:17:31.692255Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T16:17:40.084Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack overflow flaw was found when reading a BFS file system. A crafted BFS filesystem may lead to an uncontrolled loop, causing grub2 to crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:40:38.616Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45778"
        },
        {
          "name": "RHBZ#2345640",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345640"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-13T22:31:09.886000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/bfs: integer overflow in the bfs parser.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45778",
    "datePublished": "2025-03-03T17:05:13.058Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:40:38.616Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5351 (GCVE-0-2025-5351)
Vulnerability from cvelistv5
Published
2025-07-04 08:16
Modified
2025-07-08 14:20
CWE
Summary
A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5351",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T14:19:53.439788Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T14:20:01.329Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Ronald Crane for reporting this issue."
        }
      ],
      "datePublic": "2025-06-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the key export functionality of libssh. The issue occurs in the internal function responsible for converting cryptographic keys into serialized formats. During error handling, a memory structure is freed but not cleared, leading to a potential double free issue if an additional failure occurs later in the function. This condition may result in heap corruption or application instability in low-memory scenarios, posing a risk to system reliability where key export operations are performed."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "Double Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-04T08:16:47.122Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5351"
        },
        {
          "name": "RHBZ#2369367",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369367"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-30T07:01:54.178000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libssh: double free vulnerability in libssh key export functions",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Administrators should apply vendor-supplied patches as soon as they become available."
        }
      ],
      "x_redhatCweChain": "CWE-415: Double Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5351",
    "datePublished": "2025-07-04T08:16:47.122Z",
    "dateReserved": "2025-05-30T07:01:37.816Z",
    "dateUpdated": "2025-07-08T14:20:01.329Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12243 (GCVE-0-2024-12243)
Vulnerability from cvelistv5
Published
2025-02-10 15:28
Modified
2025-07-28 09:46
CWE
  • CWE-407 - Inefficient Algorithmic Complexity
Summary
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
References
Impacted products
Vendor Product Version
Version: 0    3.6.16
Version: 3.7.0    3.7.11
Version: 3.8.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.6.16-8.el8_10.3   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.6.16-8.el8_10.3   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.8.3-6.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.8.3-6.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:3.8.3-4.el9_4.2   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12243",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T16:25:20.087658Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-10T16:25:30.798Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-23T13:11:00.539Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250523-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/gnutls/gnutls/",
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "versions": [
            {
              "lessThanOrEqual": "3.6.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.7.11",
              "status": "affected",
              "version": "3.7.0",
              "versionType": "semver"
            },
            {
              "lessThan": "3.8.8",
              "status": "affected",
              "version": "3.8.0",
              "versionType": "semver"
            },
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.8.9",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_10.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_10.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-6.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Bing Shi for reporting this issue."
        }
      ],
      "datePublic": "2025-02-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T09:46:18.881Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4051"
        },
        {
          "name": "RHSA-2025:7076",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7076"
        },
        {
          "name": "RHSA-2025:8020",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8020"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12243"
        },
        {
          "name": "RHBZ#2344615",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344615"
        },
        {
          "url": "https://gitlab.com/gnutls/libtasn1/-/issues/52"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-10T08:33:56.422000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos",
      "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12243",
    "datePublished": "2025-02-10T15:28:10.328Z",
    "dateReserved": "2024-12-05T14:26:25.188Z",
    "dateUpdated": "2025-07-28T09:46:18.881Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8114 (GCVE-0-2025-8114)
Vulnerability from cvelistv5
Published
2025-07-24 14:14
Modified
2025-08-14 00:57
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8114",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-24T15:32:04.537761Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-24T15:32:08.957Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jakub Jelen and Philippe Antoine for reporting this issue."
        }
      ],
      "datePublic": "2025-07-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T00:57:18.771Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-8114"
        },
        {
          "name": "RHBZ#2383220",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383220"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-24T12:37:24.168000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": ": null pointer dereference in libssh kex session id calculation",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-8114",
    "datePublished": "2025-07-24T14:14:47.745Z",
    "dateReserved": "2025-07-24T12:27:58.843Z",
    "dateUpdated": "2025-08-14T00:57:18.771Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3183 (GCVE-0-2024-3183)
Vulnerability from cvelistv5
Published
2024-06-12 08:18
Modified
2025-08-01 18:50
CWE
  • CWE-916 - Use of Password Hash With Insufficient Computational Effort
Summary
A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client’s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user’s password. If a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal’s password).
References
https://access.redhat.com/errata/RHSA-2024:3754 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3755 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3756 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3757 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3758 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3759 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3760 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3761 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3775 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3183 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2270685 issue-tracking, x_refsource_REDHAT
https://www.freeipa.org/release-notes/4-12-1.html
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:4.6.8-5.el7_9.17   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240528133707.823393f5   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 8020020240530191103.792f4060   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020240528055121.5b01ab7e   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 8040020240528055121.5b01ab7e   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 8040020240528055121.5b01ab7e   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020240530061719.ada582f1   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020240530061719.ada582f1   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020240530061719.ada582f1   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020240530051744.b0a6ceea   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:4.11.0-15.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:4.9.8-11.el9_0.3   < *
    cpe:/a:redhat:rhel_eus:9.0::crb
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:4.10.1-12.el9_2.2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/a:redhat:rhel_eus:9.2::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3183",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-12T13:41:24.168315Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-12T13:43:10.079Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:05:07.630Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:3754",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3754"
          },
          {
            "name": "RHSA-2024:3755",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3755"
          },
          {
            "name": "RHSA-2024:3756",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3756"
          },
          {
            "name": "RHSA-2024:3757",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3757"
          },
          {
            "name": "RHSA-2024:3758",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3758"
          },
          {
            "name": "RHSA-2024:3759",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3759"
          },
          {
            "name": "RHSA-2024:3760",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3760"
          },
          {
            "name": "RHSA-2024:3761",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3761"
          },
          {
            "name": "RHSA-2024:3775",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3775"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3183"
          },
          {
            "name": "RHBZ#2270685",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270685"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freeipa.org/release-notes/4-12-1.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WT3JL7JQDIAFKKEFARWYES7GZNWGQNCI/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/freeipa/freeipa",
          "defaultStatus": "unknown",
          "packageName": "freeipa",
          "versions": [
            {
              "status": "unaffected",
              "version": "4.12.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.6.8-5.el7_9.17",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240528133707.823393f5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020240530191103.792f4060",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240528055121.5b01ab7e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240528055121.5b01ab7e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240528055121.5b01ab7e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020240530061719.ada582f1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020240530061719.ada582f1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020240530061719.ada582f1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240530051744.b0a6ceea",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.11.0-15.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::crb",
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.9.8-11.el9_0.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.10.1-12.el9_2.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Mikhail Sukhov for reporting this issue."
        }
      ],
      "datePublic": "2024-06-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in FreeIPA in a way when a Kerberos TGS-REQ is encrypted using the client\u2019s session key. This key is different for each new session, which protects it from brute force attacks. However, the ticket it contains is encrypted using the target principal key directly. For user principals, this key is a hash of a public per-principal randomly-generated salt and the user\u2019s password.\r\n\r\nIf a principal is compromised it means the attacker would be able to retrieve tickets encrypted to any principal, all of them being encrypted by their own key directly. By taking these tickets and salts offline, the attacker could run brute force attacks to find character strings able to decrypt tickets when combined to a principal salt (i.e. find the principal\u2019s password)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-916",
              "description": "Use of Password Hash With Insufficient Computational Effort",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T18:50:55.510Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:3754",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3754"
        },
        {
          "name": "RHSA-2024:3755",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3755"
        },
        {
          "name": "RHSA-2024:3756",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3756"
        },
        {
          "name": "RHSA-2024:3757",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3757"
        },
        {
          "name": "RHSA-2024:3758",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3758"
        },
        {
          "name": "RHSA-2024:3759",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3759"
        },
        {
          "name": "RHSA-2024:3760",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3760"
        },
        {
          "name": "RHSA-2024:3761",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3761"
        },
        {
          "name": "RHSA-2024:3775",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3775"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3183"
        },
        {
          "name": "RHBZ#2270685",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270685"
        },
        {
          "url": "https://www.freeipa.org/release-notes/4-12-1.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-21T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-06-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Freeipa: user can obtain a hash of the passwords of all domain users and perform offline brute force",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this vulnerability, ticket requests to user principals are now disallowed in FreeIPA realms by default. This will keep attackers from obtaining data encrypted with the user key directly."
        }
      ],
      "x_redhatCweChain": "CWE-916: Use of Password Hash With Insufficient Computational Effort"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3183",
    "datePublished": "2024-06-12T08:18:51.691Z",
    "dateReserved": "2024-04-02T09:48:54.404Z",
    "dateUpdated": "2025-08-01T18:50:55.510Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5318 (GCVE-0-2025-5318)
Vulnerability from cvelistv5
Published
2025-06-24 14:10
Modified
2025-08-13 14:37
CWE
Summary
A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5318",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-24T14:29:13.950274Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-24T14:29:18.363Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Ronald Crane for reporting this issue."
        }
      ],
      "datePublic": "2025-06-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the libssh library. An out-of-bounds read can be triggered in the sftp_handle function due to an incorrect comparison check that permits the function to access memory beyond the valid handle list and to return an invalid pointer, which is used in further processing. This vulnerability allows an authenticated remote attacker to potentially read unintended memory regions, exposing sensitive information or affect service behavior."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-13T14:37:21.622Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5318"
        },
        {
          "name": "RHBZ#2369131",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369131"
        },
        {
          "url": "https://www.libssh.org/security/advisories/CVE-2025-5318.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-29T06:48:59.169000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libssh: out-of-bounds read in sftp_handle()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5318",
    "datePublished": "2025-06-24T14:10:07.188Z",
    "dateReserved": "2025-05-29T07:01:42.703Z",
    "dateUpdated": "2025-08-13T14:37:21.622Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32908 (GCVE-0-2025-32908)
Vulnerability from cvelistv5
Published
2025-04-14 14:00
Modified
2025-07-29 00:25
CWE
  • CWE-115 - Misinterpretation of Input
Summary
A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS).
References
https://access.redhat.com/errata/RHSA-2025:7505 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32908 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359343 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32908",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T14:12:19.790872Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T18:06:53.056Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The HTTP/2 server in libsoup may not fully validate the values of pseudo-headers :scheme, :authority, and :path, which may allow a user to cause a denial of service (DoS)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-115",
              "description": "Misinterpretation of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:25:19.450Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7505"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32908"
        },
        {
          "name": "RHBZ#2359343",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359343"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:27:09.097000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: denial of service on libsoup through http/2 server",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation was found for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-115: Misinterpretation of Input"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32908",
    "datePublished": "2025-04-14T14:00:30.423Z",
    "dateReserved": "2025-04-14T01:37:48.152Z",
    "dateUpdated": "2025-07-29T00:25:19.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32051 (GCVE-0-2025-32051)
Vulnerability from cvelistv5
Published
2025-04-03 13:36
Modified
2025-07-29 07:19
CWE
  • CWE-754 - Improper Check for Unusual or Exceptional Conditions
Summary
A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS).
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32051",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:46:14.850480Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:54:07.542Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The libsoup soup_uri_decode_data_uri() function may crash when processing malformed data URI. This flaw allows an attacker to cause a denial of service (DoS)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-754",
              "description": "Improper Check for Unusual or Exceptional Conditions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:19:59.050Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32051"
        },
        {
          "name": "RHBZ#2357068",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357068"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:16:46.979000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: segmentation fault when parsing malformed data uri",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32051",
    "datePublished": "2025-04-03T13:36:50.776Z",
    "dateReserved": "2025-04-03T01:42:14.135Z",
    "dateUpdated": "2025-07-29T07:19:59.050Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26597 (GCVE-0-2025-26597)
Vulnerability from cvelistv5
Published
2025-02-25 15:54
Modified
2025-07-29 00:19
CWE
  • CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer
Summary
A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26597 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345255 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26597",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T16:39:35.677718Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T19:14:54.385Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-119",
              "description": "Improper Restriction of Operations within the Bounds of a Memory Buffer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:19:40.102Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26597"
        },
        {
          "name": "RHBZ#2345255",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345255"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:15:01.517000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: buffer overflow in xkbchangetypesofkey()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26597",
    "datePublished": "2025-02-25T15:54:48.196Z",
    "dateReserved": "2025-02-12T14:12:22.795Z",
    "dateUpdated": "2025-07-29T00:19:40.102Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12085 (GCVE-0-2024-12085)
Vulnerability from cvelistv5
Published
2025-01-14 17:37
Modified
2025-08-12 20:37
CWE
  • CWE-908 - Use of Uninitialized Resource
Summary
A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time.
References
https://access.redhat.com/errata/RHSA-2025:0324 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0325 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0637 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0688 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0714 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0774 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0787 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0790 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0849 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0884 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0885 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1120 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1123 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1128 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1225 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1227 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1242 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1451 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2701 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-12085 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2330539 issue-tracking, x_refsource_REDHAT
https://kb.cert.org/vuls/id/952657
Impacted products
Vendor Product Version
Version: 0    3.3.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:3.0.6-12.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:3.1.2-12.el7_9.1   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-20.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:3.1.3-7.el8_2.3   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:3.1.3-12.el8_4.3   < *
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:3.1.3-12.el8_4.3   < *
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:3.1.3-12.el8_4.3   < *
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:3.1.3-14.el8_6.6   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:3.1.3-14.el8_6.6   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:3.1.3-14.el8_6.6   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:3.1.3-20.el8_8.1   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.3-20.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.3-20.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:3.2.3-9.el9_0.3   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:3.2.3-19.el9_2.1   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:3.2.3-19.el9_4.1   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 412.86.202502100314-0   < *
    cpe:/a:redhat:openshift:4.12::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202503112237-0   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202502111902-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202501281917-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202502051822-0   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-22   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-10   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v6.8.1-454   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-17   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.0.0-537   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-4   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.4.0-339   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-4   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v1.1.0-320   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.1-552   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v3.3.2-9   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-5   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-12   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v5.8.17-5   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-725   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.1.0-342   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.8-RHEL-9 Unaffected: v0.28.1-88   < *
    cpe:/a:redhat:logging:5.8::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-25   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-11   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.4.0-340   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-5   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v1.1.0-321   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v3.3.2-8   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-6   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-9   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v5.9.11-4   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.1.0-724   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.1.0-341   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat RHOL-5.9-RHEL-9 Unaffected: v0.34.1-30   < *
    cpe:/a:redhat:logging:5.9::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12085",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T04:55:13.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RsyncProject/rsync",
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.0.6-12.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.2-12.el7_9.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-20.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-7.el8_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-12.el8_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-12.el8_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-12.el8_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-14.el8_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-14.el8_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-14.el8_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-20.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.3-20.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.3-20.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos",
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.3-9.el9_0.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.3-19.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.3-19.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "412.86.202502100314-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202503112237-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202502111902-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202501281917-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-ansible-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202501311735.p0.g2cb0020.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-helm-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202501311933.p0.g4246d04.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-sdk-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202501311605.p0.g4246d04.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "417.94.202502051822-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-operator-bundle",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-rhel9-operator",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch6-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v6.8.1-454",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-operator-bundle",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-17",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-proxy-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.0.0-537",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/elasticsearch-rhel9-operator",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/eventrouter-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.4.0-339",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/fluentd-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/log-file-metric-exporter-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.1.0-320",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-curator5-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.1-552",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-loki-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v3.3.2-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-view-plugin-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-operator-bundle",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-rhel9-operator",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.8.17-5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/lokistack-gateway-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-725",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/opa-openshift-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-342",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.8::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/vector-rhel9",
          "product": "RHOL-5.8-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.28.1-88",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-operator-bundle",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.9.11-25",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/cluster-logging-rhel9-operator",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.9.11-11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/eventrouter-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.4.0-340",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/fluentd-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.9.11-5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/log-file-metric-exporter-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.1.0-321",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-loki-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v3.3.2-8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/logging-view-plugin-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.9.11-6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-operator-bundle",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.9.11-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/loki-rhel9-operator",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v5.9.11-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/lokistack-gateway-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-724",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/opa-openshift-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.1.0-341",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:logging:5.9::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/vector-rhel9",
          "product": "RHOL-5.9-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v0.34.1-30",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue."
        }
      ],
      "datePublic": "2025-01-14T15:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in rsync which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-908",
              "description": "Use of Uninitialized Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T20:37:20.487Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:0324",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0324"
        },
        {
          "name": "RHSA-2025:0325",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0325"
        },
        {
          "name": "RHSA-2025:0637",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0637"
        },
        {
          "name": "RHSA-2025:0688",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0688"
        },
        {
          "name": "RHSA-2025:0714",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0714"
        },
        {
          "name": "RHSA-2025:0774",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0774"
        },
        {
          "name": "RHSA-2025:0787",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0787"
        },
        {
          "name": "RHSA-2025:0790",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0790"
        },
        {
          "name": "RHSA-2025:0849",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0849"
        },
        {
          "name": "RHSA-2025:0884",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0884"
        },
        {
          "name": "RHSA-2025:0885",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0885"
        },
        {
          "name": "RHSA-2025:1120",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1120"
        },
        {
          "name": "RHSA-2025:1123",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1123"
        },
        {
          "name": "RHSA-2025:1128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1128"
        },
        {
          "name": "RHSA-2025:1225",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1225"
        },
        {
          "name": "RHSA-2025:1227",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1227"
        },
        {
          "name": "RHSA-2025:1242",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1242"
        },
        {
          "name": "RHSA-2025:1451",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1451"
        },
        {
          "name": "RHSA-2025:2701",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2701"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12085"
        },
        {
          "name": "RHBZ#2330539",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330539"
        },
        {
          "url": "https://kb.cert.org/vuls/id/952657"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-05T12:06:36.594000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-14T15:06:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rsync: info leak via uninitialized stack contents",
      "workarounds": [
        {
          "lang": "en",
          "value": "Seeing as this vulnerability relies on information leakage coming from the presence of data in the uninitialized memory of the `sum2` buffer, a potential mitigation involves compiling rsync with the `-ftrivial-auto-var-init=zero` option set. This mitigates the issue because it initializes the `sum2` variable\u0027s memory with zeroes to prevent uninitialized memory disclosure."
        }
      ],
      "x_redhatCweChain": "CWE-908: Use of Uninitialized Resource"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12085",
    "datePublished": "2025-01-14T17:37:16.036Z",
    "dateReserved": "2024-12-03T08:57:53.329Z",
    "dateUpdated": "2025-08-12T20:37:20.487Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-1488 (GCVE-0-2024-1488)
Vulnerability from cvelistv5
Published
2024-02-15 05:04
Modified
2025-08-01 17:44
CWE
  • CWE-276 - Incorrect Default Permissions
Summary
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
References
https://access.redhat.com/errata/RHSA-2024:1750 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1751 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1780 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1801 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1802 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:1804 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2587 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2696 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0837 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-1488 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2264183 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.16.2
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.16.2-5.el8_9.6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.16.2-5.8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.7.3-12.el8_2.1   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_tus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.7.3-12.el8_2.1   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_tus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.7.3-12.el8_2.1   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_tus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.7.3-15.el8_4.1   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.7.3-15.el8_4.1   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.7.3-15.el8_4.1   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.7.3-17.el8_6.4   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.16.2-5.el8_8.4   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.16.2-3.el9_3.5   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.13.1-13.el9_0.4   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.16.2-3.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/a:redhat:rhel_eus:9.2::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-1488",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-15T18:02:37.532018Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:22:53.092Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T18:40:21.182Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:1750",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1750"
          },
          {
            "name": "RHSA-2024:1751",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1751"
          },
          {
            "name": "RHSA-2024:1780",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1780"
          },
          {
            "name": "RHSA-2024:1801",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1801"
          },
          {
            "name": "RHSA-2024:1802",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1802"
          },
          {
            "name": "RHSA-2024:1804",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1804"
          },
          {
            "name": "RHSA-2024:2587",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2587"
          },
          {
            "name": "RHSA-2024:2696",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2696"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-1488"
          },
          {
            "name": "RHBZ#2264183",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://src.fedoraproject.org/rpms/unbound/",
          "defaultStatus": "unaffected",
          "packageName": "unbound",
          "versions": [
            {
              "status": "affected",
              "version": "1.16.2"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.16.2-5.el8_9.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.16.2-5.8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-12.el8_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-12.el8_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_tus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-12.el8_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-15.el8_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-15.el8_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-15.el8_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7.3-17.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.16.2-5.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.16.2-3.el9_3.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-13.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.16.2-3.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "unbound",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-02-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-276",
              "description": "Incorrect Default Permissions",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T17:44:24.667Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1750",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1750"
        },
        {
          "name": "RHSA-2024:1751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1751"
        },
        {
          "name": "RHSA-2024:1780",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1780"
        },
        {
          "name": "RHSA-2024:1801",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1801"
        },
        {
          "name": "RHSA-2024:1802",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1802"
        },
        {
          "name": "RHSA-2024:1804",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1804"
        },
        {
          "name": "RHSA-2024:2587",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2587"
        },
        {
          "name": "RHSA-2024:2696",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2696"
        },
        {
          "name": "RHSA-2025:0837",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0837"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-1488"
        },
        {
          "name": "RHBZ#2264183",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264183"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-02-14T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-02-13T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-276: Incorrect Default Permissions"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-1488",
    "datePublished": "2024-02-15T05:04:13.994Z",
    "dateReserved": "2024-02-14T12:47:25.283Z",
    "dateUpdated": "2025-08-01T17:44:24.667Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32990 (GCVE-0-2025-32990)
Vulnerability from cvelistv5
Published
2025-07-10 09:41
Modified
2025-08-15 19:48
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32990",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T14:06:53.044401Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T14:08:18.960Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnutls.org/",
          "defaultStatus": "unaffected",
          "packageName": "libgnutls",
          "versions": [
            {
              "lessThan": "3.8.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-07-09T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-15T19:48:12.754Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32990"
        },
        {
          "name": "RHBZ#2359620",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359620"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-15T01:21:36.656000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-09T07:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: vulnerability in gnutls certtool template parsing",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32990",
    "datePublished": "2025-07-10T09:41:46.211Z",
    "dateReserved": "2025-04-15T01:31:12.104Z",
    "dateUpdated": "2025-08-15T19:48:12.754Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10306 (GCVE-0-2024-10306)
Vulnerability from cvelistv5
Published
2025-04-23 09:59
Modified
2025-07-29 09:28
CWE
  • CWE-863 - Incorrect Authorization
Summary
A vulnerability was found in mod_proxy_cluster. The issue is that the <Directory> directive should be replaced by the <Location> directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic.
References
https://access.redhat.com/errata/RHBA-2025:2973 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHBA-2025:5309 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9434 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9466 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9997 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-10306 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2321302 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.3.17   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:1.3.21-1.el10   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:1.3.22-1.el10_0.2   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.3.22-1.el9_5.2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.3.22-1.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.3.22-1.el9_4.1   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat JBoss Core Services     cpe:/a:redhat:jboss_core_services:1
Create a notification for this product.
   Red Hat Red Hat JBoss Core Services     cpe:/a:redhat:jboss_core_services:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10306",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-23T15:30:34.381869Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-23T15:33:26.774Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/modcluster/mod_proxy_cluster",
          "defaultStatus": "unaffected",
          "packageName": "mod_proxy_cluster",
          "versions": [
            {
              "lessThan": "1.3.21.Final",
              "status": "affected",
              "version": "1.3.17",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_proxy_cluster",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.21-1.el10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_proxy_cluster",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.22-1.el10_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_proxy_cluster",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.22-1.el9_5.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_proxy_cluster",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.22-1.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_proxy_cluster",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.22-1.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "jbcs-httpd24-mod_proxy_cluster",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_proxy_cluster",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in mod_proxy_cluster. The issue is that the \u003cDirectory\u003e directive should be replaced by the \u003cLocation\u003e directive as the former does not restrict IP/host access as `Require ip IP_ADDRESS` would suggest. This means that anyone with access to the host might send MCMP requests that may result in adding/removing/updating nodes for the balancing. However, this host should not be accessible to the public network as it does not serve the general traffic."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:28:00.805Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBA-2025:2973",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:2973"
        },
        {
          "name": "RHBA-2025:5309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:5309"
        },
        {
          "name": "RHSA-2025:9434",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9434"
        },
        {
          "name": "RHSA-2025:9466",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9466"
        },
        {
          "name": "RHSA-2025:9997",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9997"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-10306"
        },
        {
          "name": "RHBZ#2321302",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2321302"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-23T13:59:58.342000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Mod_proxy_cluster: mod_proxy_cluster unauthorized mcmp requests",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-863: Incorrect Authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-10306",
    "datePublished": "2025-04-23T09:59:49.150Z",
    "dateReserved": "2024-10-23T14:03:44.421Z",
    "dateUpdated": "2025-07-29T09:28:00.805Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49796 (GCVE-0-2025-49796)
Vulnerability from cvelistv5
Published
2025-06-16 15:14
Modified
2025-08-07 08:59
Severity ?
CWE
Summary
A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory.
References
https://access.redhat.com/errata/RHSA-2025:10630 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10698 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10699 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11580 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12098 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12099 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12199 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12237 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12239 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12240 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12241 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13267 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13335 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49796 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2372385 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.12.5-7.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.9.1-6.el7_9.10   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.9.7-9.el8_2.3   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-9.el8_4.6   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:2.9.7-9.el8_4.6   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:2.9.7-16.el8_8.9   < *
    cpe:/o:redhat:rhel_e4s:8.8::baseos
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/o:redhat:rhel_tus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:2.9.7-16.el8_8.9   < *
    cpe:/o:redhat:rhel_e4s:8.8::baseos
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/o:redhat:rhel_tus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-10.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-10.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.9.13-1.el9_0.5   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.9.13-3.el9_2.7   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
    cpe:/o:redhat:rhel_e4s:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.9.13-10.el9_4   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Discovery 2 Unaffected: sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344   < *
    cpe:/a:redhat:discovery:2::el9
Create a notification for this product.
   Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d   < *
    cpe:/a:redhat:insights_proxy:1.5::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat JBoss Core Services     cpe:/a:redhat:jboss_core_services:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49796",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-16T15:32:55.790163Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-16T15:33:08.296Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.12.5-7.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.1-6.el7_9.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos",
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-1.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-3.el9_2.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in libxml2. Processing certain sch:name elements from the input XML file can trigger a memory corruption issue. This flaw allows an attacker to craft a malicious XML input file that can lead libxml to crash, resulting in a denial of service or other possible undefined behavior due to sensitive data being corrupted in memory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-07T08:59:08.709Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10630"
        },
        {
          "name": "RHSA-2025:10698",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10698"
        },
        {
          "name": "RHSA-2025:10699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10699"
        },
        {
          "name": "RHSA-2025:11580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11580"
        },
        {
          "name": "RHSA-2025:12098",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12098"
        },
        {
          "name": "RHSA-2025:12099",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12099"
        },
        {
          "name": "RHSA-2025:12199",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12199"
        },
        {
          "name": "RHSA-2025:12237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12237"
        },
        {
          "name": "RHSA-2025:12239",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12239"
        },
        {
          "name": "RHSA-2025:12240",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12240"
        },
        {
          "name": "RHSA-2025:12241",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12241"
        },
        {
          "name": "RHSA-2025:13267",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13267"
        },
        {
          "name": "RHSA-2025:13335",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13335"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49796"
        },
        {
          "name": "RHBZ#2372385",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372385"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-12T00:35:26.470000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-11T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxml: type confusion leads to denial of service (dos)",
      "workarounds": [
        {
          "lang": "en",
          "value": "There\u0027s no available mitigation other than to avoid processing untrusted XML documents before updating to the libxml version containing the fix."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49796",
    "datePublished": "2025-06-16T15:14:28.251Z",
    "dateReserved": "2025-06-10T22:17:05.287Z",
    "dateUpdated": "2025-08-07T08:59:08.709Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6019 (GCVE-0-2025-6019)
Vulnerability from cvelistv5
Published
2025-06-19 11:55
Modified
2025-08-01 17:51
CWE
  • CWE-250 - Execution with Unnecessary Privileges
Summary
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
References
https://access.redhat.com/errata/RHSA-2025:10796 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9320 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9321 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9322 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9323 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9324 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9325 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9326 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9327 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9328 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9878 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6019 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2370051 issue-tracking, x_refsource_REDHAT
https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.2.0-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.18-5.el7_9.1   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.28-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.19-13.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.24-6.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.24-9.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.24-9.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.24-9.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:2.28-3.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.28-14.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.25-12.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.28-5.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.28-11.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-06-23T13:39:55.143Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/17/5"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/17/6"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/18/1"
          },
          {
            "url": "https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attackers-get-root-on-major-linux-distros/"
          },
          {
            "url": "https://news.ycombinator.com/item?id=44325861"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6019",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-23T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-24T03:55:33.066Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.0-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.18-5.el7_9.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.28-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.19-13.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24-9.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24-9.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24-9.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.28-3.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.28-14.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.25-12.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.28-5.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libblockdev",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.28-11.el9_4",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the \"allow_active\" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an \"allow_active\" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation.  However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-250",
              "description": "Execution with Unnecessary Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T17:51:41.462Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10796",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10796"
        },
        {
          "name": "RHSA-2025:9320",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9320"
        },
        {
          "name": "RHSA-2025:9321",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9321"
        },
        {
          "name": "RHSA-2025:9322",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9322"
        },
        {
          "name": "RHSA-2025:9323",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9323"
        },
        {
          "name": "RHSA-2025:9324",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9324"
        },
        {
          "name": "RHSA-2025:9325",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9325"
        },
        {
          "name": "RHSA-2025:9326",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9326"
        },
        {
          "name": "RHSA-2025:9327",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9327"
        },
        {
          "name": "RHSA-2025:9328",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9328"
        },
        {
          "name": "RHSA-2025:9878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9878"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6019"
        },
        {
          "name": "RHBZ#2370051",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370051"
        },
        {
          "url": "https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T15:58:30.591000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libblockdev: lpe from allow_active to root in libblockdev via udisks",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-250: Execution with Unnecessary Privileges"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6019",
    "datePublished": "2025-06-19T11:55:57.380Z",
    "dateReserved": "2025-06-11T22:14:52.625Z",
    "dateUpdated": "2025-08-01T17:51:41.462Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26594 (GCVE-0-2025-26594)
Vulnerability from cvelistv5
Published
2025-02-25 15:53
Modified
2025-07-29 00:18
CWE
Summary
A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26594 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345248 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26594",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T20:13:53.357050Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T20:14:16.754Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in X.Org and Xwayland. The root cursor is referenced in the X server as a global variable. If a client frees the root cursor, the internal reference points to freed memory and causes a use-after-free."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:18:50.180Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26594"
        },
        {
          "name": "RHBZ#2345248",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345248"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:14:54.698000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "X.org: xwayland: use-after-free of the root cursor",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26594",
    "datePublished": "2025-02-25T15:53:51.324Z",
    "dateReserved": "2025-02-12T14:12:22.795Z",
    "dateUpdated": "2025-07-29T00:18:50.180Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-49395 (GCVE-0-2024-49395)
Vulnerability from cvelistv5
Published
2024-11-12 02:08
Modified
2025-07-05 09:22
CWE
  • CWE-1230 - Exposure of Sensitive Information Through Metadata
Summary
In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-49395",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:24:06.690435Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:24:21.209Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/muttmua/mutt",
          "defaultStatus": "affected",
          "packageName": "mutt"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1230",
              "description": "Exposure of Sensitive Information Through Metadata",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T09:22:59.307Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-49395"
        },
        {
          "name": "RHBZ#2325332",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325332"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-11T21:24:01.125000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-11T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Mutt: neomutt: bcc email header field is indirectly leaked by cryptographic info block",
      "x_redhatCweChain": "CWE-1230: Exposure of Sensitive Information Through Metadata"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-49395",
    "datePublished": "2024-11-12T02:08:03.548Z",
    "dateReserved": "2024-10-14T17:56:03.767Z",
    "dateUpdated": "2025-07-05T09:22:59.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4404 (GCVE-0-2025-4404)
Vulnerability from cvelistv5
Published
2025-06-17 13:39
Modified
2025-07-29 17:59
Severity ?
CWE
  • CWE-1220 - Insufficient Granularity of Access Control
Summary
A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration.
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:4.12.2-15.el10_0.1   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:4.6.8-5.el7_9.18   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020250603150652.143e9e98   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020250603134209.823393f5   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 8020020250609031831.50ea30f9   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 8020020250609030144.792f4060   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020250609101903.f153676a   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020250609095221.5b01ab7e   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020250606060927.c1533a64   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020250606060504.ada582f1   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020250606060927.c1533a64   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020250606060504.ada582f1   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020250606060927.c1533a64   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020250606060504.ada582f1   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 8080020250604195510.e581a9e4   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 8080020250604202433.b0a6ceea   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 8080020250604195510.e581a9e4   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 8080020250604202433.b0a6ceea   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:4.12.2-14.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:4.9.8-11.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:4.10.1-12.el9_2.4   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:4.11.0-15.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/a:redhat:rhel_eus:9.4::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4404",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:00:07.428097Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:00:19.853Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.freeipa.org/",
          "defaultStatus": "unaffected",
          "packageName": "freeipa",
          "versions": [
            {
              "lessThan": "4.12.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.12.2-15.el10_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.6.8-5.el7_9.18",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020250603150652.143e9e98",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020250603134209.823393f5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020250609031831.50ea30f9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020250609030144.792f4060",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020250609101903.f153676a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020250609095221.5b01ab7e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250606060927.c1533a64",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250606060504.ada582f1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250606060927.c1533a64",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250606060504.ada582f1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250606060927.c1533a64",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250606060504.ada582f1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250604195510.e581a9e4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250604202433.b0a6ceea",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250604195510.e581a9e4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250604202433.b0a6ceea",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.12.2-14.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.9.8-11.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.10.1-12.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.11.0-15.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Mikhail Sukhov (Positive Technologies) for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A privilege escalation from host to domain vulnerability was found in the FreeIPA project. The FreeIPA package fails to validate the uniqueness of the `krbCanonicalName` for the admin account by default, allowing users to create services with the same canonical name as the REALM admin. When a successful attack happens, the user can retrieve a Kerberos ticket in the name of this service, containing the admin@REALM credential. This flaw allows an attacker to perform administrative tasks over the REALM, leading to access to sensitive data and sensitive data exfiltration."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1220",
              "description": "Insufficient Granularity of Access Control",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T17:59:49.310Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:9184",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9184"
        },
        {
          "name": "RHSA-2025:9185",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9185"
        },
        {
          "name": "RHSA-2025:9186",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9186"
        },
        {
          "name": "RHSA-2025:9187",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9187"
        },
        {
          "name": "RHSA-2025:9188",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9188"
        },
        {
          "name": "RHSA-2025:9189",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9189"
        },
        {
          "name": "RHSA-2025:9190",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9190"
        },
        {
          "name": "RHSA-2025:9191",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9191"
        },
        {
          "name": "RHSA-2025:9192",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9192"
        },
        {
          "name": "RHSA-2025:9193",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9193"
        },
        {
          "name": "RHSA-2025:9194",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9194"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4404"
        },
        {
          "name": "RHBZ#2364606",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364606"
        },
        {
          "url": "https://pagure.io/freeipa/c/6b9400c135ed16b10057b350cc9ce42aa0e862d4"
        },
        {
          "url": "https://pagure.io/freeipa/c/796ed20092d554ee0c9e23295e346ec1e8a0bf6e"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-06T22:17:13.467000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Freeipa: idm: privilege escalation from host to domain admin in freeipa",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-1220: Insufficient Granularity of Access Control"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4404",
    "datePublished": "2025-06-17T13:39:17.945Z",
    "dateReserved": "2025-05-06T22:17:12.623Z",
    "dateUpdated": "2025-07-29T17:59:49.310Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4035 (GCVE-0-2025-4035)
Vulnerability from cvelistv5
Published
2025-04-29 12:56
Modified
2025-07-29 08:15
CWE
  • CWE-178 - Improper Handling of Case Sensitivity
Summary
A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation.
References
https://access.redhat.com/errata/RHSA-2025:8128 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4035 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2362651 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0.6   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4035",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T13:18:15.799218Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T13:18:21.297Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jan R\u00f3\u017ca\u0144ski for reporting this issue."
        }
      ],
      "datePublic": "2025-04-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. When handling cookies, libsoup clients mistakenly allow cookies to be set for public suffix domains if the domain contains at least two components and includes an uppercase character. This bypasses public suffix protections and could allow a malicious website to set cookies for domains it does not own, potentially leading to integrity issues such as session fixation."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-178",
              "description": "Improper Handling of Case Sensitivity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T08:15:38.915Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:8128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8128"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4035"
        },
        {
          "name": "RHBZ#2362651",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362651"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-28T05:38:56.188000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: cookie domain validation bypass via uppercase characters in libsoup",
      "x_redhatCweChain": "CWE-178: Improper Handling of Case Sensitivity"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4035",
    "datePublished": "2025-04-29T12:56:22.726Z",
    "dateReserved": "2025-04-28T06:04:50.855Z",
    "dateUpdated": "2025-07-29T08:15:38.915Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32050 (GCVE-0-2025-32050)
Vulnerability from cvelistv5
Published
2025-04-03 13:36
Modified
2025-07-29 07:19
CWE
Summary
A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read.
References
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32050 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2357067 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32050",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:56:24.491360Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:57:28.366Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The libsoup append_param_quoted() function may contain an overflow bug resulting in a buffer under-read."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-127",
              "description": "Buffer Under-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:19:50.178Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32050"
        },
        {
          "name": "RHBZ#2357067",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357067"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:17:42.454000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: integer overflow in append_param_quoted",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-127: Buffer Under-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32050",
    "datePublished": "2025-04-03T13:36:29.141Z",
    "dateReserved": "2025-04-03T01:42:14.135Z",
    "dateUpdated": "2025-07-29T07:19:50.178Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4574 (GCVE-0-2025-4574)
Vulnerability from cvelistv5
Published
2025-05-13 21:47
Modified
2025-08-03 03:15
CWE
Summary
In crossbeam-channel rust crate, the internal `Channel` type's `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption.
Impacted products
Vendor Product Version
Version: 0.5.12   
Create a notification for this product.
   Red Hat Red Hat Directory Server 11     cpe:/a:redhat:directory_server:11
Create a notification for this product.
   Red Hat Red Hat Directory Server 12     cpe:/a:redhat:directory_server:12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:2
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4574",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-14T13:30:44.836115Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-14T13:30:57.226Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/crossbeam-rs/crossbeam",
          "defaultStatus": "unaffected",
          "packageName": "crossbeam-channel",
          "versions": [
            {
              "lessThan": "0.5.15",
              "status": "affected",
              "version": "0.5.12",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11"
          ],
          "defaultStatus": "unaffected",
          "packageName": "redhat-ds:11/389-ds-base",
          "product": "Red Hat Directory Server 11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12"
          ],
          "defaultStatus": "unaffected",
          "packageName": "redhat-ds:12/389-ds-base",
          "product": "Red Hat Directory Server 12",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gjs",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rust",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-afterburn",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "trustee-guest-components",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds:1.4/389-ds-base",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rust-toolset:rhel8/rust",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rust",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-afterburn",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-coreos-installer",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "trustee-guest-components",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-feast-operator-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-feature-server-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "conmon-rs",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "coreos-installer",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "kata-containers",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rust-afterburn",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "python3.12-maturin",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "python-maturin",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuffer-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuftool-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-10T14:30:39.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In crossbeam-channel rust crate, the internal `Channel` type\u0027s `Drop` method has a race condition which could, in some circumstances, lead to a double-free that could result in memory corruption."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "Double Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T03:15:57.109Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4574"
        },
        {
          "name": "RHBZ#2358890",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2358890"
        },
        {
          "url": "https://github.com/crossbeam-rs/crossbeam/pull/1187"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-10T16:01:59.821678+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-10T14:30:39+00:00",
          "value": "Made public."
        }
      ],
      "title": "Crossbeam-channel: crossbeam-channel vulnerable to double free on drop",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-415: Double Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4574",
    "datePublished": "2025-05-13T21:47:24.951Z",
    "dateReserved": "2025-05-12T12:06:47.274Z",
    "dateUpdated": "2025-08-03T03:15:57.109Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11079 (GCVE-0-2024-11079)
Vulnerability from cvelistv5
Published
2024-11-11 23:32
Modified
2025-07-29 09:30
CWE
  • CWE-20 - Improper Input Validation
Summary
A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks.
References
https://access.redhat.com/errata/RHSA-2024:10770 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:11145 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11079 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2325171 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.18.0
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 1.2.0-93   < *
    cpe:/a:redhat:ansible_core:2::el8
    cpe:/a:redhat:ansible_core:2::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 3.0.1-108   < *
    cpe:/a:redhat:ansible_core:2::el8
    cpe:/a:redhat:ansible_core:2::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.9.27-34   < *
    cpe:/a:redhat:ansible_core:2::el8
    cpe:/a:redhat:ansible_core:2::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.12.10-56   < *
    cpe:/a:redhat:ansible_core:2::el8
    cpe:/a:redhat:ansible_core:2::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.18.1-2   < *
    cpe:/a:redhat:ansible_core:2::el8
    cpe:/a:redhat:ansible_core:2::el9
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 8 Unaffected: 1:2.16.14-1.el8ap   < *
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 9 Unaffected: 1:2.16.14-1.el9ap   < *
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11079",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:41:52.352926Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:42:14.546Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ansible/ansible",
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "versions": [
            {
              "lessThanOrEqual": "2.18.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.2.0-93",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-108",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-29-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.9.27-34",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.12.10-56",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_core:2::el8",
            "cpe:/a:redhat:ansible_core:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.18.1-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.14-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.14-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/bootc-azure-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/bootc-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Ansible-Core. This vulnerability allows attackers to bypass unsafe content protections using the hostvars object to reference and execute templated content. This issue can lead to arbitrary code execution if remote data or module outputs are improperly templated within playbooks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:30:00.828Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10770",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10770"
        },
        {
          "name": "RHSA-2024:11145",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:11145"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-11079"
        },
        {
          "name": "RHBZ#2325171",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325171"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-11T11:43:42.603000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-11T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Ansible-core: unsafe tagging bypass via hostvars object in ansible-core",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this vulnerability, avoid using the hostvars object to reference content marked as !unsafe. Ensure that all remote data from modules or lookups is properly sanitized and validated before use in playbooks. Additionally, restrict access to inventory files and Ansible playbooks to trusted users to minimize exploitation risks."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-11079",
    "datePublished": "2024-11-11T23:32:55.539Z",
    "dateReserved": "2024-11-11T11:57:21.806Z",
    "dateUpdated": "2025-07-29T09:30:00.828Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0620 (GCVE-0-2025-0620)
Vulnerability from cvelistv5
Published
2025-06-06 13:10
Modified
2025-08-13 15:18
CWE
  • CWE-552 - Files or Directories Accessible to External Parties
Summary
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-06-06T13:11:50.526Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/03/8"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0620",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-06T13:41:20.769621Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-06T13:41:25.261Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.samba.org/",
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "versions": [
            {
              "lessThan": "4.21.6",
              "status": "affected",
              "version": "4.21.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba4",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-06-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when re-authenticating an expired SMB session. This issue can expose file shares until clients disconnect and then connect again."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-552",
              "description": "Files or Directories Accessible to External Parties",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-13T15:18:24.958Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0620"
        },
        {
          "name": "RHBZ#2370453",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370453"
        },
        {
          "url": "https://www.samba.org/samba/security/CVE-2025-0620.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-05T16:13:11.043000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-06-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Samba: smbd doesn\u0027t pick up group membership changes when re-authenticating an expired smb session",
      "x_redhatCweChain": "CWE-552: Files or Directories Accessible to External Parties"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0620",
    "datePublished": "2025-06-06T13:10:07.110Z",
    "dateReserved": "2025-01-21T15:54:28.429Z",
    "dateUpdated": "2025-08-13T15:18:24.958Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5278 (GCVE-0-2025-5278)
Vulnerability from cvelistv5
Published
2025-05-27 20:52
Modified
2025-06-20 17:28
CWE
  • CWE-121 - Stack-based Buffer Overflow
Summary
A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-29T18:03:55.440Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/05/27/2"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/05/29/1"
          },
          {
            "url": "https://security-tracker.debian.org/tracker/CVE-2025-5278"
          },
          {
            "url": "https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633"
          },
          {
            "url": "https://cgit.git.savannah.gnu.org/cgit/coreutils.git/tree/NEWS?id=8c9602e3a145e9596dc1a63c6ed67865814b6633#n14"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/05/29/2"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5278",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-28T13:46:35.101788Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-28T13:48:21.860Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "coreutils",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "coreutils",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "coreutils",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "coreutils",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "coreutils",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Mohamed Maatallah for reporting this issue."
        }
      ],
      "datePublic": "2025-05-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GNU Coreutils. The sort utility\u0027s begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-20T17:28:48.715Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5278"
        },
        {
          "name": "RHBZ#2368764",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368764"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-27T13:50:20.148000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-27T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Coreutils: heap buffer under-read in gnu coreutils sort via key specification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-121: Stack-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5278",
    "datePublished": "2025-05-27T20:52:58.545Z",
    "dateReserved": "2025-05-27T14:05:48.552Z",
    "dateUpdated": "2025-06-20T17:28:48.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-4467 (GCVE-0-2024-4467)
Vulnerability from cvelistv5
Published
2024-07-02 15:57
Modified
2025-08-01 15:01
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Summary
A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.
References
https://access.redhat.com/errata/RHSA-2024:4276 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4277 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4278 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4372 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4373 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4420 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4724 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4727 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-4467 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2278875 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 4.0.0   
Create a notification for this product.
   Red Hat Advanced Virtualization for RHEL 8.2.1 Unaffected: 8020120240708124623.863bb0db   < *
    cpe:/a:redhat:advanced_virtualization:8.2::el8
Create a notification for this product.
   Red Hat Advanced Virtualization for RHEL 8.4.0.EUS Unaffected: 8040020240708093550.522a0ee4   < *
    cpe:/a:redhat:advanced_virtualization:8.4::el8
Create a notification for this product.
   Red Hat Advanced Virtualization for RHEL 8.4.0.EUS Unaffected: 8040020240708093550.522a0ee4   < *
    cpe:/a:redhat:advanced_virtualization:8.4::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240704072441.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240704072441.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020240703100448.522a0ee4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 8040020240703100448.522a0ee4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 8040020240703100448.522a0ee4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020240703092415.ad008a3a   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020240703092415.ad008a3a   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020240703092415.ad008a3a   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020240703085245.63b34585   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/a:redhat:rhel_eus:8.8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020240703085245.63b34585   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/a:redhat:rhel_eus:8.8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 17:8.2.0-11.el9_4.4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 17:6.2.0-11.el9_0.9   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 17:7.2.0-14.el9_2.11   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-4467",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-02T18:05:51.892288Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T18:05:57.843Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-22T18:03:16.787Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:4276",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4276"
          },
          {
            "name": "RHSA-2024:4277",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4277"
          },
          {
            "name": "RHSA-2024:4278",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4278"
          },
          {
            "name": "RHSA-2024:4372",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4372"
          },
          {
            "name": "RHSA-2024:4373",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4373"
          },
          {
            "name": "RHSA-2024:4374",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4374"
          },
          {
            "name": "RHSA-2024:4420",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4420"
          },
          {
            "name": "RHSA-2024:4724",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4724"
          },
          {
            "name": "RHSA-2024:4727",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4727"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-4467"
          },
          {
            "name": "RHBZ#2278875",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278875"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/2"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240822-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/qemu-project/qemu",
          "defaultStatus": "unaffected",
          "packageName": "qemu",
          "versions": [
            {
              "lessThan": "9.1.0",
              "status": "affected",
              "version": "4.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8.2::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:8.2",
          "product": "Advanced Virtualization for RHEL 8.2.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020120240708124623.863bb0db",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av",
          "product": "Advanced Virtualization for RHEL 8.4.0.EUS",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240708093550.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:av",
          "product": "Advanced Virtualization for RHEL 8.4.0.EUS",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240708093550.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:rhel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240704072441.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240704072441.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240703100448.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240703100448.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020240703100448.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020240703092415.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020240703092415.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020240703092415.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus:8.8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:rhel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240703085245.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus:8.8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240703085245.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17:8.2.0-11.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17:6.2.0-11.el9_0.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17:7.2.0-14.el9_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qemu-kvm-ma",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-operator-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Martin Kaesberger for reporting this issue."
        }
      ],
      "datePublic": "2024-07-02T15:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the QEMU disk image utility (qemu-img) \u0027info\u0027 command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T15:01:50.556Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4276",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4276"
        },
        {
          "name": "RHSA-2024:4277",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4277"
        },
        {
          "name": "RHSA-2024:4278",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4278"
        },
        {
          "name": "RHSA-2024:4372",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4372"
        },
        {
          "name": "RHSA-2024:4373",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4373"
        },
        {
          "name": "RHSA-2024:4374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4374"
        },
        {
          "name": "RHSA-2024:4420",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4420"
        },
        {
          "name": "RHSA-2024:4724",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4724"
        },
        {
          "name": "RHSA-2024:4727",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4727"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-4467"
        },
        {
          "name": "RHBZ#2278875",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278875"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-02T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-02T15:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Qemu-kvm: \u0027qemu-img info\u0027 leads to host file read/write",
      "x_redhatCweChain": "CWE-20-\u003e(CWE-200|CWE-400): Improper Input Validation leads to Exposure of Sensitive Information to an Unauthorized Actor or Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-4467",
    "datePublished": "2024-07-02T15:57:23.648Z",
    "dateReserved": "2024-05-03T09:44:14.000Z",
    "dateUpdated": "2025-08-01T15:01:50.556Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45616 (GCVE-0-2024-45616)
Vulnerability from cvelistv5
Published
2024-09-03 21:20
Modified
2025-07-29 14:16
CWE
  • CWE-457 - Use of Uninitialized Variable
Summary
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. The following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45616",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:30:13.114133Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:30:22.192Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "unaffected",
          "packageName": "libopensc",
          "versions": [
            {
              "lessThan": "0.26.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. \n\nThe following problems were caused by insufficient control of the response APDU buffer and its length when communicating with the card."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-457",
              "description": "Use of Uninitialized Variable",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:16:44.994Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45616"
        },
        {
          "name": "RHBZ#2309290",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309290"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-02T18:12:44.347000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: uninitialized values after incorrect check or usage of apdu response values in libopensc",
      "x_redhatCweChain": "CWE-457: Use of Uninitialized Variable"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45616",
    "datePublished": "2024-09-03T21:20:22.459Z",
    "dateReserved": "2024-09-02T18:28:35.895Z",
    "dateUpdated": "2025-07-29T14:16:44.994Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32256 (GCVE-0-2023-32256)
Vulnerability from cvelistv5
Published
2025-08-01 17:37
Modified
2025-08-01 19:19
CWE
  • CWE-421 - Race Condition During Access to Alternate Channel
Summary
A flaw was found in the Linux kernel's ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue.
Impacted products
Vendor Product Version
Version: 0
Version: 6.0.0
Version: 6.1.0
Version: 6.2.0
Version: 6.3.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32256",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-01T19:19:19.939025Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-01T19:19:43.176Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/",
          "defaultStatus": "unaffected",
          "packageName": "linux",
          "versions": [
            {
              "lessThan": "5.15.145",
              "status": "affected",
              "version": "0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.0.*",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.1.29",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.2.16",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.3.2",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semvar"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-05-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel\u0027s ksmbd component. A race condition between smb2 close operation and logoff in multichannel connections could result in a use-after-free issue."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-421",
              "description": "Race Condition During Access to Alternate Channel",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T17:37:15.603Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-32256"
        },
        {
          "name": "RHBZ#2385885",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2385885"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=abcc506a9a71976a8b4c9bf3ee6efd13229c1e19"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-704/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-01T01:05:16.039000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-05-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: ksmbd race issue from smb2 close and logoff with multichannel",
      "x_redhatCweChain": "CWE-421: Race Condition During Access to Alternate Channel"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-32256",
    "datePublished": "2025-08-01T17:37:15.603Z",
    "dateReserved": "2023-05-05T10:00:07.896Z",
    "dateUpdated": "2025-08-01T19:19:43.176Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6409 (GCVE-0-2024-6409)
Vulnerability from cvelistv5
Published
2024-07-08 17:57
Modified
2025-05-22 19:17
CWE
  • CWE-364 - Signal Handler Race Condition
Summary
A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server.
References
https://access.redhat.com/errata/RHSA-2024:4457 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4613 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4716 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4910 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4955 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4960 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5444 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6409 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2295085 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:8.7p1-12.el9_0.3   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:8.7p1-30.el9_2.7   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202408122222-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202407300859-0   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202407301159-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202407171205-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6409",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-11T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-12T03:55:30.136Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:41:03.399Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
          },
          {
            "name": "RHSA-2024:4457",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4457"
          },
          {
            "name": "RHSA-2024:4613",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4613"
          },
          {
            "name": "RHSA-2024:4716",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4716"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6409"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://almalinux.org/blog/2024-07-09-cve-2024-6409/"
          },
          {
            "name": "RHBZ#2295085",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295085"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1227217"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://explore.alas.aws.amazon.com/CVE-2024-6409.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openela-main/openssh/commit/c00da7741d42029e49047dd89e266d91dcfbffa0"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-6409"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240712-0003/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sig-security.rocky.page/issues/CVE-2024-6409/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2024-6409"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/security/cve/CVE-2024-6409.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos",
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-12.el9_0.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-30.el9_2.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202408122222-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202407300859-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202407301159-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202407171205-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Solar Designer (CIQ/Rocky Linux) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-08T17:45:07.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A race condition vulnerability was discovered in how signals are handled by OpenSSH\u0027s server (sshd). If a remote attacker does not authenticate within a set time period, then sshd\u0027s SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). As a consequence of a successful attack, in the worst case scenario, an attacker may be able to perform a remote code execution (RCE) as an unprivileged user running the sshd server."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-22T19:17:16.728Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4457",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4457"
        },
        {
          "name": "RHSA-2024:4613",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4613"
        },
        {
          "name": "RHSA-2024:4716",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4716"
        },
        {
          "name": "RHSA-2024:4910",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4910"
        },
        {
          "name": "RHSA-2024:4955",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4955"
        },
        {
          "name": "RHSA-2024:4960",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4960"
        },
        {
          "name": "RHSA-2024:5444",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5444"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6409"
        },
        {
          "name": "RHBZ#2295085",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295085"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-01T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-08T17:45:07+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9",
      "workarounds": [
        {
          "lang": "en",
          "value": "The process is identical to CVE-2024-6387, by disabling LoginGraceTime. See that CVE page for additional details."
        }
      ],
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6409",
    "datePublished": "2024-07-08T17:57:10.517Z",
    "dateReserved": "2024-06-28T18:10:24.954Z",
    "dateUpdated": "2025-05-22T19:17:16.728Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45775 (GCVE-0-2024-45775)
Vulnerability from cvelistv5
Published
2025-02-18 19:25
Modified
2025-06-10 19:24
CWE
Summary
A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub's argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data.
References
https://access.redhat.com/errata/RHSA-2025:6990 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45775 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2337481 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45775",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T14:42:30.676203Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T15:15:35.702Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://ftp.gnu.org/gnu/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-01-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2 where the grub_extcmd_dispatcher() function calls grub_arg_list_alloc() to allocate memory for the grub\u0027s argument list. However, it fails to check in case the memory allocation fails. Once the allocation fails, a NULL point will be processed by the parse_option() function, leading grub to crash or, in some rare scenarios, corrupt the IVT data."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-252",
              "description": "Unchecked Return Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-10T19:24:00.770Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45775"
        },
        {
          "name": "RHBZ#2337481",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337481"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-01-13T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: commands/extcmd: missing check for failed allocation",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-252: Unchecked Return Value"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45775",
    "datePublished": "2025-02-18T19:25:40.364Z",
    "dateReserved": "2024-09-08T01:57:12.947Z",
    "dateUpdated": "2025-06-10T19:24:00.770Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4432 (GCVE-0-2025-4432)
Vulnerability from cvelistv5
Published
2025-05-09 16:06
Modified
2025-07-25 05:31
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A flaw was found in Rust's Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2**32 packets sent or received.
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4432",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-09T16:31:54.402275Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-09T16:33:29.829Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/briansmith/ring",
          "defaultStatus": "unaffected",
          "packageName": "ring",
          "versions": [
            {
              "lessThan": "0.17.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gjs",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rust",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "snpguest",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "trustee-guest-components",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox:flatpak/firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gjs",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rust",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "snpguest",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird:flatpak/thunderbird",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "trustee-guest-components",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "kata-containers",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "python3.12-maturin",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "python-maturin",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuffer-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuftool-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-03-07T16:23:50.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Rust\u0027s Ring package. A panic may be triggered when overflow checking is enabled. In the QUIC protocol, this flaw allows an attacker to induce this panic by sending a specially crafted packet. It will likely occur unintentionally in 1 out of every 2**32 packets sent or received."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T05:31:15.423Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4432"
        },
        {
          "name": "RHBZ#2350655",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2350655"
        },
        {
          "url": "https://github.com/briansmith/ring"
        },
        {
          "url": "https://github.com/briansmith/ring/blob/main/RELEASES.md#version-01712-2025-03-05"
        },
        {
          "url": "https://github.com/briansmith/ring/commit/ec2d3cf1d91f148c84e4806b4f0b3c98f6df3b38"
        },
        {
          "url": "https://github.com/briansmith/ring/pull/2447"
        },
        {
          "url": "https://rustsec.org/advisories/RUSTSEC-2025-0009.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-03-07T17:01:53.352445+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-03-07T16:23:50+00:00",
          "value": "Made public."
        }
      ],
      "title": "Ring: some aes functions may panic when overflow checking is enabled in ring",
      "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4432",
    "datePublished": "2025-05-09T16:06:33.671Z",
    "dateReserved": "2025-05-08T12:49:25.624Z",
    "dateUpdated": "2025-07-25T05:31:15.423Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0677 (GCVE-0-2025-0677)
Vulnerability from cvelistv5
Published
2025-02-19 18:23
Modified
2025-07-25 07:42
CWE
Summary
A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms.
References
https://access.redhat.com/errata/RHSA-2025:6990 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0677 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346116 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0677",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T18:39:38.906939Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T18:39:50.525Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When performing a symlink lookup, the grub\u0027s UFS module checks the inode\u0027s data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T07:42:44.877Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0677"
        },
        {
          "name": "RHBZ#2346116",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346116"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:04:39.393000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: ufs: integer overflow may lead to heap based out-of-bounds write when handling symlinks",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0677",
    "datePublished": "2025-02-19T18:23:53.496Z",
    "dateReserved": "2025-01-23T16:24:18.046Z",
    "dateUpdated": "2025-07-25T07:42:44.877Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0678 (GCVE-0-2025-0678)
Vulnerability from cvelistv5
Published
2025-03-03 17:05
Modified
2025-07-05 05:40
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in grub2. When reading data from a squash4 filesystem, grub's squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0678",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T16:15:54.571947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T16:16:04.985Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When reading data from a squash4 filesystem, grub\u0027s squash4 fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the direct_read() will perform a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub\u0027s internal critical data and may result in arbitrary code execution, by-passing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T05:40:59.411Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0678"
        },
        {
          "name": "RHBZ#2346118",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346118"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:10:07.402000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: squash4: integer overflow may lead to heap based out-of-bounds write when reading data",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0678",
    "datePublished": "2025-03-03T17:05:41.928Z",
    "dateReserved": "2025-01-23T16:30:21.331Z",
    "dateUpdated": "2025-07-05T05:40:59.411Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4878 (GCVE-0-2025-4878)
Vulnerability from cvelistv5
Published
2025-07-22 14:17
Modified
2025-07-29 19:14
CWE
Summary
A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4878",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-22T14:34:47.719442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-22T14:35:00.989Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.libssh.org/",
          "defaultStatus": "unaffected",
          "packageName": "libssh",
          "versions": [
            {
              "lessThan": "0.11.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn\u0027t exist and may lead to possible signing failures or heap corruption."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.6,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T19:14:17.797Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4878"
        },
        {
          "name": "RHBZ#2376184",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376184"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?id=697650caa97eaf7623924c75f9fcfec6dd423cd1"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?id=b35ee876adc92a208d47194772e99f9c71e0bedb"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-03T17:42:21.515000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libssh: use of uninitialized variable in privatekey_from_file()",
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4878",
    "datePublished": "2025-07-22T14:17:03.122Z",
    "dateReserved": "2025-05-16T22:28:46.782Z",
    "dateUpdated": "2025-07-29T19:14:17.797Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8612 (GCVE-0-2024-8612)
Vulnerability from cvelistv5
Published
2024-09-20 17:50
Modified
2025-08-06 07:34
CWE
  • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak.
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8612",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-20T18:00:38.633928Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-20T18:00:48.795Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-08T15:02:52.687Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241108-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/qemu-project/qemu",
          "packageName": "qemu",
          "repo": "https://gitlab.com/qemu-project/qemu",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "637b0aa139565cb82a7b9269e62214f87082635c",
              "versionType": "git"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm-ma",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Xiao Lei (FSL team), Yiming Tao (FSL team), and Yongkang Jia (FSL team) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in QEMU, in the virtio-scsi, virtio-blk, and virtio-crypto devices. The size for virtqueue_push as set in virtio_scsi_complete_req / virtio_blk_req_complete / virito_crypto_req_complete could be larger than the true size of the data which has been sent to guest. Once virtqueue_push() finally calls dma_memory_unmap to ummap the in_iov, it may call the address_space_write function to write back the data. Some uninitialized data may exist in the bounce.buffer, leading to an information leak."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T07:34:15.569Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8612"
        },
        {
          "name": "RHBZ#2313760",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313760"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-20T09:20:37.810000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Qemu-kvm: information leak in virtio devices",
      "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8612",
    "datePublished": "2024-09-20T17:50:21.635Z",
    "dateReserved": "2024-09-09T16:25:22.769Z",
    "dateUpdated": "2025-08-06T07:34:15.569Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31082 (GCVE-0-2024-31082)
Vulnerability from cvelistv5
Published
2024-04-04 13:48
Modified
2025-07-05 02:32
CWE
Summary
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
Impacted products
Vendor Product Version
Version: 1.12.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31082",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-29T15:13:28.884475Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-29T15:13:40.871Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:46:03.895Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-31082"
          },
          {
            "name": "RHBZ#2271999",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xorg-server",
          "repo": "https://gitlab.freedesktop.org/xorg/xserver/",
          "versions": [
            {
              "lessThan": "21.1.12",
              "status": "affected",
              "version": "1.12.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T02:32:37.534Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-31082"
        },
        {
          "name": "RHBZ#2271999",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271999"
        },
        {
          "url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-28T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server: heap buffer overread/data leakage in procappledricreatepixmap",
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-31082",
    "datePublished": "2024-04-04T13:48:34.893Z",
    "dateReserved": "2024-03-28T02:56:55.575Z",
    "dateUpdated": "2025-07-05T02:32:37.534Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1057 (GCVE-0-2025-1057)
Vulnerability from cvelistv5
Published
2025-03-15 08:50
Modified
2025-07-05 05:43
CWE
  • CWE-704 - Incorrect Type Conversion or Cast
Summary
A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail.
References
Impacted products
Vendor Product Version
Version: 7.12.0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1057",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-17T17:01:10.891516Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-17T17:01:26.257Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/keylime/keylime",
          "defaultStatus": "unaffected",
          "packageName": "keylime",
          "versions": [
            {
              "status": "affected",
              "version": "7.12.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keylime",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "keylime",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Anderson Toshiyuki Sasaki for reporting this issue."
        }
      ],
      "datePublic": "2025-02-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Keylime, a remote attestation solution, where strict type checking introduced in version 7.12.0 prevents the registrar from reading database entries created by previous versions, for example, 7.11.0. Specifically, older versions store agent registration data as bytes, whereas the updated registrar expects str. This issue leads to an exception when processing agent registration requests, causing the agent to fail."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-704",
              "description": "Incorrect Type Conversion or Cast",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T05:43:46.466Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-1057"
        },
        {
          "name": "RHBZ#2343894",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2343894"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-05T09:47:52.149000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-05T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Keylime: keylime registrar dos due to incompatible database entry handling",
      "x_redhatCweChain": "CWE-704: Incorrect Type Conversion or Cast"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-1057",
    "datePublished": "2025-03-15T08:50:48.649Z",
    "dateReserved": "2025-02-05T09:57:50.746Z",
    "dateUpdated": "2025-07-05T05:43:46.466Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7519 (GCVE-0-2025-7519)
Vulnerability from cvelistv5
Published
2025-07-14 13:35
Modified
2025-07-25 17:55
CWE
Summary
A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it's required to place the malicious policy file properly.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7519",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-15T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-16T03:56:03.205Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.freedesktop.org/software/polkit/releases/",
          "defaultStatus": "unaffected",
          "packageName": "polkit",
          "versions": [
            {
              "lessThanOrEqual": "126",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Mohamed Maatallah (Independent security researcher) for reporting this issue."
        }
      ],
      "datePublic": "2025-07-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in polkit. When processing an XML policy with 32 or more nested elements in depth, an out-of-bounds write can be triggered. This issue can lead to a crash or other unexpected behavior, and arbitrary code execution is not discarded. To exploit this flaw, a high-privilege account is needed as it\u0027s required to place the malicious policy file properly."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T17:55:29.712Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-7519"
        },
        {
          "name": "RHBZ#2379675",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379675"
        },
        {
          "url": "https://github.com/polkit-org/polkit/commit/107d3801361b9f9084f78710178e683391f1d245"
        },
        {
          "url": "https://github.com/polkit-org/polkit/pull/570"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-11T21:18:25.825000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-11T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Polkit: xml policy file with a large number of nested elements may lead to out-of-bounds write",
      "workarounds": [
        {
          "lang": "en",
          "value": "There\u0027s no known mitigation to this vulnerability other than avoiding the implementation of unknown or untrusted polkit policy files to the system."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-7519",
    "datePublished": "2025-07-14T13:35:21.280Z",
    "dateReserved": "2025-07-11T21:18:10.265Z",
    "dateUpdated": "2025-07-25T17:55:29.712Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26596 (GCVE-0-2025-26596)
Vulnerability from cvelistv5
Published
2025-02-25 15:54
Modified
2025-07-29 00:19
CWE
Summary
A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26596 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345256 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26596",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T17:14:01.432188Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T17:22:27.580Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:19:23.477Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26596"
        },
        {
          "name": "RHBZ#2345256",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345256"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:15:01.367000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: heap overflow in xkbwritekeysyms()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26596",
    "datePublished": "2025-02-25T15:54:23.693Z",
    "dateReserved": "2025-02-12T14:12:22.795Z",
    "dateUpdated": "2025-07-29T00:19:23.477Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0624 (GCVE-0-2025-0624)
Vulnerability from cvelistv5
Published
2025-02-19 18:23
Modified
2025-08-01 18:19
CWE
Summary
A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections.
References
https://access.redhat.com/errata/RHSA-2025:2521 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2653 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2655 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2675 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2784 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2799 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2867 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2869 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3297 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3301 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3367 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3396 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3573 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3577 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3780 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4422 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7702 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0624 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2346112 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 1:2.02-0.87.el7_9.15   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 1:2.02-162.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 1:2.02-87.el8_2.13   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 1:2.02-99.el8_4.12   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 1:2.02-99.el8_4.12   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 1:2.02-99.el8_4.12   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 1:2.02-123.el8_6.18   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 1:2.02-123.el8_6.18   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 1:2.02-123.el8_6.18   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 1:2.02-152.el8_8.2   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-94.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 1:2.06-27.el9_0.22   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:2.06-61.el9_2.10   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 1:2.06-86.el9_4.2   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 412.86.202503310142-0   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202504070146-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202505141057-0   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202504282058-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202503252048-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202503241418-0   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 418.94.202504021150-0   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0624",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T18:39:10.861038Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T18:39:29.836Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-16T23:03:03.150Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250516-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-0.87.el7_9.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-162.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-87.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-99.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-99.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-99.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-123.el8_6.18",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-123.el8_6.18",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-123.el8_6.18",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.02-152.el8_8.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-94.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-27.el9_0.22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-61.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-86.el9_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8",
            "cpe:/a:redhat:openshift:4.12::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "412.86.202503310142-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202504070146-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202505141057-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202504282058-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202503252048-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "417.94.202503241418-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "418.94.202504021150-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T18:19:33.461Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2521",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2521"
        },
        {
          "name": "RHSA-2025:2653",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2653"
        },
        {
          "name": "RHSA-2025:2655",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2655"
        },
        {
          "name": "RHSA-2025:2675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2675"
        },
        {
          "name": "RHSA-2025:2784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2784"
        },
        {
          "name": "RHSA-2025:2799",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2799"
        },
        {
          "name": "RHSA-2025:2867",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2867"
        },
        {
          "name": "RHSA-2025:2869",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2869"
        },
        {
          "name": "RHSA-2025:3297",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3297"
        },
        {
          "name": "RHSA-2025:3301",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3301"
        },
        {
          "name": "RHSA-2025:3367",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3367"
        },
        {
          "name": "RHSA-2025:3396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3396"
        },
        {
          "name": "RHSA-2025:3573",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3573"
        },
        {
          "name": "RHSA-2025:3577",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3577"
        },
        {
          "name": "RHSA-2025:3780",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3780"
        },
        {
          "name": "RHSA-2025:4422",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4422"
        },
        {
          "name": "RHSA-2025:7702",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7702"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0624"
        },
        {
          "name": "RHBZ#2346112",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346112"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T14:35:38.127000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: net: out-of-bounds write in grub_net_search_config_file()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0624",
    "datePublished": "2025-02-19T18:23:21.463Z",
    "dateReserved": "2025-01-21T16:49:51.381Z",
    "dateUpdated": "2025-08-01T18:19:33.461Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9632 (GCVE-0-2024-9632)
Vulnerability from cvelistv5
Published
2024-10-30 07:42
Modified
2025-08-04 21:04
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges.
References
https://access.redhat.com/errata/RHSA-2024:10090 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8798 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9540 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9579 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9601 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9690 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9816 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9818 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9819 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9820 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9901 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9632 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2317233 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.1.1   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-34.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-25.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-17.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-14.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.12   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.11   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.11   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.11   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.12   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.12   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.12   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.11   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.12   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.9   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-31T19:02:24.167Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/10/29/2"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00031.html"
          },
          {
            "url": "http://seclists.org/fulldisclosure/2024/Oct/20"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9632",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-30T13:34:32.792082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-30T13:35:19.624Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xorg-server",
          "versions": [
            {
              "lessThan": "21.1.14",
              "status": "affected",
              "version": "1.1.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-34.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-25.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-17.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-14.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-10-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T21:04:39.557Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10090",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10090"
        },
        {
          "name": "RHSA-2024:8798",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8798"
        },
        {
          "name": "RHSA-2024:9540",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9540"
        },
        {
          "name": "RHSA-2024:9579",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9579"
        },
        {
          "name": "RHSA-2024:9601",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9601"
        },
        {
          "name": "RHSA-2024:9690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9690"
        },
        {
          "name": "RHSA-2024:9816",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9816"
        },
        {
          "name": "RHSA-2024:9818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9818"
        },
        {
          "name": "RHSA-2024:9819",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9819"
        },
        {
          "name": "RHSA-2024:9820",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9820"
        },
        {
          "name": "RHSA-2024:9901",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9901"
        },
        {
          "name": "RHSA-2025:12751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12751"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9632"
        },
        {
          "name": "RHBZ#2317233",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317233"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-08T13:37:25.514000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-29T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9632",
    "datePublished": "2024-10-30T07:42:35.320Z",
    "dateReserved": "2024-10-08T13:45:31.259Z",
    "dateUpdated": "2025-08-04T21:04:39.557Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5742 (GCVE-0-2024-5742)
Vulnerability from cvelistv5
Published
2024-06-12 08:53
Modified
2025-07-05 09:21
CWE
  • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Summary
A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink.
References
https://access.redhat.com/errata/RHSA-2024:6986 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9430 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-5742 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2278574 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.8-3.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:5.6.1-6.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5742",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-07T20:27:39.384448Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-07T20:28:33.620Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:18:07.052Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-5742"
          },
          {
            "name": "RHBZ#2278574",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278574"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00006.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.savannah.gnu.org/git/nano.git",
          "defaultStatus": "affected",
          "packageName": "nano"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "nano",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.8-3.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "nano",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.6.1-6.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "nano",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "nano",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "nano",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-04-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in GNU Nano that allows a possible privilege escalation through an insecure temporary file. If Nano is killed while editing, a file it saves to an emergency file with the permissions of the running user provides a window of opportunity for attackers to escalate privileges through a malicious symlink."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T09:21:35.847Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:6986",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6986"
        },
        {
          "name": "RHSA-2024:9430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9430"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-5742"
        },
        {
          "name": "RHBZ#2278574",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2278574"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-02T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-04-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Nano: running `chmod` and `chown` on the filename allows malicious user to replace the emergency file with a malicious symlink to a root-owned file",
      "x_redhatCweChain": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-5742",
    "datePublished": "2024-06-12T08:53:02.256Z",
    "dateReserved": "2024-06-07T12:22:38.441Z",
    "dateUpdated": "2025-07-05T09:21:35.847Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8354 (GCVE-0-2024-8354)
Vulnerability from cvelistv5
Published
2024-09-19 10:45
Modified
2025-08-06 07:33
CWE
Summary
A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition.
References
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8354",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T13:38:43.642114Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T13:38:51.859Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-11T22:03:23.165Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241011-0008/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/qemu-project/qemu",
          "defaultStatus": "affected",
          "packageName": "qemu"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm-ma",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Antoine \"Gravis\" Assier de Pompignan (Fuzzinglabs) and Patrick Ventuzelo (Fuzzinglabs) for reporting this issue."
        }
      ],
      "datePublic": "2024-08-30T19:07:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in QEMU. An assertion failure was present in the usb_ep_get() function in hw/net/core.c when trying to get the USB endpoint from a USB device. This flaw may allow a malicious unprivileged guest user to crash the QEMU process on the host and cause a denial of service condition."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-617",
              "description": "Reachable Assertion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T07:33:16.148Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8354"
        },
        {
          "name": "RHBZ#2313497",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313497"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-19T08:42:45.570000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-08-30T19:07:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Qemu-kvm: usb: assertion failure in usb_ep_get()",
      "x_redhatCweChain": "CWE-617: Reachable Assertion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8354",
    "datePublished": "2024-09-19T10:45:06.191Z",
    "dateReserved": "2024-08-30T15:57:27.206Z",
    "dateUpdated": "2025-08-06T07:33:16.148Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4476 (GCVE-0-2025-4476)
Vulnerability from cvelistv5
Published
2025-05-16 17:56
Modified
2025-07-29 18:24
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user's application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user's client application into connecting to the attacker's malicious server.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4476",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-16T18:08:10.776270Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-16T18:08:17.873Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.6",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial-of-service vulnerability has been identified in the libsoup HTTP client library. This flaw can be triggered when a libsoup client receives a 401 (Unauthorized) HTTP response containing a specifically crafted domain parameter within the WWW-Authenticate header. Processing this malformed header can lead to a crash of the client application using libsoup. An attacker could exploit this by setting up a malicious HTTP server. If a user\u0027s application using the vulnerable libsoup library connects to this malicious server, it could result in a denial-of-service. Successful exploitation requires tricking a user\u0027s client application into connecting to the attacker\u0027s malicious server."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T18:24:12.416Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4476"
        },
        {
          "name": "RHBZ#2366513",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366513"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-15T14:21:35.587000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-08T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: null pointer dereference in libsoup may lead to denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate the risk posed by this libsoup vulnerability, Red Hat strongly advises against connecting client applications relying on the libsoup library to untrusted HTTP servers until systems can be updated to a version of libsoup that includes the fix for this specific flaw. This precaution will help prevent potential denial-of-service scenarios within user sessions."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4476",
    "datePublished": "2025-05-16T17:56:58.302Z",
    "dateReserved": "2025-05-08T21:17:08.702Z",
    "dateUpdated": "2025-07-29T18:24:12.416Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5987 (GCVE-0-2025-5987)
Vulnerability from cvelistv5
Published
2025-07-07 14:24
Modified
2025-08-13 15:11
CWE
  • CWE-393 - Return of Wrong Status Code
Summary
A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5987",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-07T14:37:02.701764Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-07T14:38:29.143Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-26T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-393",
              "description": "Return of Wrong Status Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-13T15:11:40.361Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5987"
        },
        {
          "name": "RHBZ#2376219",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376219"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-03T21:55:26.394000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-26T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libssh: invalid return code for chacha20 poly1305 with openssl backend",
      "x_redhatCweChain": "CWE-393: Return of Wrong Status Code"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5987",
    "datePublished": "2025-07-07T14:24:12.576Z",
    "dateReserved": "2025-06-10T21:55:45.552Z",
    "dateUpdated": "2025-08-13T15:11:40.361Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3576 (GCVE-0-2025-3576)
Vulnerability from cvelistv5
Published
2025-04-15 05:55
Modified
2025-08-13 08:59
CWE
Summary
A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:1.21.3-8.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.18.2-32.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.21.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.21.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.20.1-9.el9_2.3   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
    cpe:/o:redhat:rhel_e4s:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.21.1-2.el9_4.2   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat Discovery 2 Unaffected: sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de   < *
    cpe:/a:redhat:discovery:2::el9
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3576",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T13:11:53.062910Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T13:12:04.778Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-30T17:02:59.776Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://web.mit.edu/kerberos/",
          "defaultStatus": "unaffected",
          "packageName": "krb5",
          "versions": [
            {
              "lessThan": "1.22",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.21.3-8.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.18.2-32.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.21.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.21.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.1-9.el9_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.21.1-2.el9_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:bd9cb502def3153c193713b56372694cb555a71b38d4fc0fd9d021bccc5602de",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "aap-cloud-metrics-collector-container",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform-24/ee-minimal-rhel9",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform-24/ee-supported-rhel9",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform-24/platform-resource-runner-rhel8",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform-25/ansible-builder-rhel8",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "krb5",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-328",
              "description": "Use of Weak Hash",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-13T08:59:06.001Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:11487",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11487"
        },
        {
          "name": "RHSA-2025:13664",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13664"
        },
        {
          "name": "RHSA-2025:13777",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13777"
        },
        {
          "name": "RHSA-2025:8411",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8411"
        },
        {
          "name": "RHSA-2025:9418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9418"
        },
        {
          "name": "RHSA-2025:9430",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9430"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-3576"
        },
        {
          "name": "RHBZ#2359465",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359465"
        },
        {
          "url": "https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T11:00:53.484000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-15T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Krb5: kerberos rc4-hmac-md5 checksum vulnerability enabling message spoofing via md5 collisions",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-328: Use of Weak Hash"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-3576",
    "datePublished": "2025-04-15T05:55:26.732Z",
    "dateReserved": "2025-04-14T09:53:43.906Z",
    "dateUpdated": "2025-08-13T08:59:06.001Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7424 (GCVE-0-2025-7424)
Vulnerability from cvelistv5
Published
2025-07-10 14:05
Modified
2025-08-06 18:05
CWE
  • CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion')
Summary
A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7424",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T14:19:10.293861Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T14:19:18.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Ivan Fratric (Google Project Zero) for reporting this issue."
        }
      ],
      "datePublic": "2025-07-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the libxslt library. The same memory field, psvi, is used for both stylesheet and input data, which can lead to type confusion during XML transformations. This vulnerability allows an attacker to crash the application or corrupt memory. In some cases, it may lead to denial of service or unexpected behavior."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-843",
              "description": "Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T18:05:00.457Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-7424"
        },
        {
          "name": "RHBZ#2379228",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379228"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-10T08:34:02.563000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxslt: type confusion in xmlnode.psvi between stylesheet and source nodes",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-843: Access of Resource Using Incompatible Type (\u0027Type Confusion\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-7424",
    "datePublished": "2025-07-10T14:05:41.808Z",
    "dateReserved": "2025-07-10T08:43:48.349Z",
    "dateUpdated": "2025-08-06T18:05:00.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1244 (GCVE-0-2025-1244)
Vulnerability from cvelistv5
Published
2025-02-12 14:27
Modified
2025-08-01 18:19
CWE
  • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Summary
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
References
https://access.redhat.com/errata/RHSA-2025:1915 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1917 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1961 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1962 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1963 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2022 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2130 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2157 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2195 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2754 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-1244 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345150 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 1:24.3-23.el7_9.2   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 1:26.1-13.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 1:26.1-13.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 1:26.1-5.el8_2.3   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 1:26.1-5.el8_4.3   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 1:26.1-5.el8_4.3   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 1:26.1-5.el8_4.3   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 1:26.1-7.el8_6.6   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 1:26.1-7.el8_6.6   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 1:26.1-7.el8_6.6   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 1:26.1-10.el8_8.7   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:27.2-11.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 1:27.2-6.el9_0.2   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:27.2-8.el9_2.2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 1:27.2-10.el9_4.1   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Builds for Red Hat OpenShift 1.3.2 Unaffected: sha256:dc839b2217a61a4ac07cefecc0b5a0cf8c907d7b7114ca15b5ca368f57de921a   < *
    cpe:/a:redhat:openshift_builds:1.3::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1244",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-12T14:50:47.050392Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:21:21.499Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-03-01T21:02:26.923Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://debbugs.gnu.org/cgi/bugreport.cgi?bug=66390"
          },
          {
            "url": "https://git.savannah.gnu.org/cgit/emacs.git/tree/etc/NEWS?h=emacs-30.1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/03/01/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.savannah.gnu.org/cgit/emacs.git/",
          "defaultStatus": "unaffected",
          "packageName": "emacs",
          "versions": [
            {
              "lessThan": "29.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:24.3-23.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-13.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-13.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-5.el8_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-5.el8_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-5.el8_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-5.el8_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-7.el8_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-7.el8_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-7.el8_6.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:26.1-10.el8_8.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:27.2-11.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:27.2-6.el9_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:27.2-8.el9_2.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:27.2-10.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/openshift-builds/openshift-builds-git-cloner-rhel9",
          "product": "Builds for Red Hat OpenShift 1.3.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:dc839b2217a61a4ac07cefecc0b5a0cf8c907d7b7114ca15b5ca368f57de921a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "emacs",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Vasilij Schneidermann (CODE WHITE) for reporting this issue."
        }
      ],
      "datePublic": "2025-02-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-78",
              "description": "Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T18:19:02.735Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:1915",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1915"
        },
        {
          "name": "RHSA-2025:1917",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1917"
        },
        {
          "name": "RHSA-2025:1961",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1961"
        },
        {
          "name": "RHSA-2025:1962",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1962"
        },
        {
          "name": "RHSA-2025:1963",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1963"
        },
        {
          "name": "RHSA-2025:1964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1964"
        },
        {
          "name": "RHSA-2025:2022",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2022"
        },
        {
          "name": "RHSA-2025:2130",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2130"
        },
        {
          "name": "RHSA-2025:2157",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2157"
        },
        {
          "name": "RHSA-2025:2195",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2195"
        },
        {
          "name": "RHSA-2025:2754",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2754"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-1244"
        },
        {
          "name": "RHBZ#2345150",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345150"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T07:05:48.841000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-12T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Emacs: shell injection vulnerability in gnu emacs via custom \"man\" uri scheme",
      "workarounds": [
        {
          "lang": "en",
          "value": "There is no an existing or known mitigation for this issue without disabling part of the Emacs core functionality. However, by avoiding opening or view untrusted files, websites, HTTP URLs or other URI resources with Emacs would reduce or prevent the risk of performing this attack successfully."
        }
      ],
      "x_redhatCweChain": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-1244",
    "datePublished": "2025-02-12T14:27:45.707Z",
    "dateReserved": "2025-02-12T07:32:23.452Z",
    "dateUpdated": "2025-08-01T18:19:02.735Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32053 (GCVE-0-2025-32053)
Vulnerability from cvelistv5
Published
2025-04-03 13:37
Modified
2025-07-29 07:20
CWE
Summary
A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read.
References
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32053 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2357070 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32053",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:04:01.420300Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:04:16.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:20:25.003Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32053"
        },
        {
          "name": "RHBZ#2357070",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357070"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:16:47.321000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: heap buffer overflows in sniff_feed_or_html() and skip_insignificant_space()",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32053",
    "datePublished": "2025-04-03T13:37:39.054Z",
    "dateReserved": "2025-04-03T01:42:14.135Z",
    "dateUpdated": "2025-07-29T07:20:25.003Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2236 (GCVE-0-2024-2236)
Vulnerability from cvelistv5
Published
2024-03-06 22:07
Modified
2025-08-03 11:24
CWE
  • CWE-208 - Observable Timing Discrepancy
Summary
A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
References
https://access.redhat.com/errata/RHSA-2024:9404 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3530 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3534 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-2236 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2245218 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.10.0-11.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.10.0-11.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.10.0-10.el9_2.1   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.10.0-10.el9_4.1   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:03:39.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-2236"
          },
          {
            "name": "RHBZ#2245218",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
          },
          {
            "name": "RHBZ#2268268",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268268"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-07T20:07:33.124826Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-12T20:41:08.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.gnupg.org/libgcrypt.git",
          "defaultStatus": "unaffected",
          "packageName": "libgcrypt",
          "versions": [
            {
              "lessThan": "9.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-11.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-11.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-10.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-10.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-03-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T11:24:55.627Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9404",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9404"
        },
        {
          "name": "RHSA-2025:3530",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3530"
        },
        {
          "name": "RHSA-2025:3534",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3534"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-2236"
        },
        {
          "name": "RHBZ#2245218",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-20T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-06T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libgcrypt: vulnerable to marvin attack",
      "x_redhatCweChain": "CWE-385-\u003eCWE-208: Covert Timing Channel leads to Observable Timing Discrepancy"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-2236",
    "datePublished": "2024-03-06T22:07:16.617Z",
    "dateReserved": "2024-03-06T20:10:15.745Z",
    "dateUpdated": "2025-08-03T11:24:55.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8443 (GCVE-0-2024-8443)
Vulnerability from cvelistv5
Published
2024-09-10 13:16
Modified
2025-07-05 09:43
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution.
References
Impacted products
Vendor Product Version
Version: 0.26.0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8443",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-10T14:47:31.467058Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T14:47:45.126Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "unaffected",
          "packageName": "opensc",
          "versions": [
            {
              "lessThan": "0.26.0",
              "status": "affected",
              "version": "0.26.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow vulnerability was found in the libopensc OpenPGP driver. A crafted USB device or smart card with malicious responses to the APDUs during the card enrollment process using the `pkcs15-init` tool may lead to out-of-bound rights, possibly resulting in arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 2.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T09:43:58.233Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8443"
        },
        {
          "name": "RHBZ#2310494",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310494"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-06T19:58:04.234000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-04T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: heap buffer overflow in openpgp driver when generating key",
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8443",
    "datePublished": "2024-09-10T13:16:51.146Z",
    "dateReserved": "2024-09-04T21:43:13.770Z",
    "dateUpdated": "2025-07-05T09:43:58.233Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45769 (GCVE-0-2024-45769)
Vulnerability from cvelistv5
Published
2024-09-19 08:45
Modified
2025-07-24 13:19
CWE
Summary
A vulnerability was found in Performance Co-Pilot (PCP).  This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash.
References
https://access.redhat.com/errata/RHSA-2024:6837 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6840 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6842 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6843 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6844 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6846 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6847 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6848 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9452 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45769 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2310452 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:5.3.7-22.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:5.0.2-9.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:5.2.5-8.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:5.2.5-8.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:5.2.5-8.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:5.3.5-10.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:5.3.5-10.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:5.3.5-10.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:5.3.7-19.el8_8   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:6.2.0-5.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:6.2.2-7.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:5.3.5-10.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:6.0.1-8.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45769",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T13:39:40.637961Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T13:39:52.390Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/performancecopilot/pcp",
          "defaultStatus": "affected",
          "packageName": "pcp"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.7-22.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.0.2-9.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-8.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-8.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-8.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.7-19.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.2.0-5.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.2.2-7.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.0.1-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Performance Co-Pilot (PCP).\u00a0 This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-24T13:19:09.847Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:6837",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6837"
        },
        {
          "name": "RHSA-2024:6840",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6840"
        },
        {
          "name": "RHSA-2024:6842",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6842"
        },
        {
          "name": "RHSA-2024:6843",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6843"
        },
        {
          "name": "RHSA-2024:6844",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6844"
        },
        {
          "name": "RHSA-2024:6846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6846"
        },
        {
          "name": "RHSA-2024:6847",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6847"
        },
        {
          "name": "RHSA-2024:6848",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6848"
        },
        {
          "name": "RHSA-2024:9452",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9452"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45769"
        },
        {
          "name": "RHBZ#2310452",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310452"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-06T17:07:45.533000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Pcp: pmcd heap corruption through metric pmstore operations",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45769",
    "datePublished": "2024-09-19T08:45:06.247Z",
    "dateReserved": "2024-09-06T14:56:44.790Z",
    "dateUpdated": "2025-07-24T13:19:09.847Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3931 (GCVE-0-2025-3931)
Vulnerability from cvelistv5
Published
2025-05-14 11:54
Modified
2025-07-25 21:54
CWE
  • CWE-280 - Improper Handling of Insufficient Permissions or Privileges
Summary
A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children's "worker" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks, allowing every system user to call it. One available Yggdrasil worker acts as a package manager with capabilities to create and enable new repositories and install or remove packages. This flaw allows an attacker with access to the system to leverage the lack of authentication on the dispatch message to force the Yggdrasil worker to install arbitrary RPM packages. This issue results in local privilege escalation, enabling the attacker to access and modify sensitive system data.
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:0.4.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3931",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-14T13:26:50.331377Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-14T13:27:01.903Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RedHatInsights/yggdrasil",
          "defaultStatus": "unaffected",
          "packageName": "yggdrasil",
          "versions": [
            {
              "lessThan": "0.4.7",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.4.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rhc-worker-playbook",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "yggdrasil",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Thibault Guittet (Red Hat)."
        }
      ],
      "datePublic": "2025-05-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Yggdrasil, which acts as a system broker, allowing the processes to communicate to other children\u0027s \"worker\" processes through the DBus component. Yggdrasil creates a DBus method to dispatch messages to workers. However, it misses authentication and authorization checks, allowing every system user to call it. One available Yggdrasil worker acts as a package manager with capabilities to create and enable new repositories and install or remove packages. \n\nThis flaw allows an attacker with access to the system to leverage the lack of authentication on the dispatch message to force the Yggdrasil worker to install arbitrary RPM packages. This issue results in local privilege escalation, enabling the attacker to access and modify sensitive system data."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-280",
              "description": "Improper Handling of Insufficient Permissions or Privileges",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T21:54:11.768Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7592",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7592"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-3931"
        },
        {
          "name": "RHBZ#2362345",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362345"
        },
        {
          "url": "https://github.com/RedHatInsights/yggdrasil/pull/336"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-25T17:06:52.161000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Yggdrasil: local privilege escalation in yggdrasil",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-280: Improper Handling of Insufficient Permissions or Privileges"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-3931",
    "datePublished": "2025-05-14T11:54:50.290Z",
    "dateReserved": "2025-04-25T12:24:04.851Z",
    "dateUpdated": "2025-07-25T21:54:11.768Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45777 (GCVE-0-2024-45777)
Vulnerability from cvelistv5
Published
2025-02-19 17:54
Modified
2025-07-29 09:40
CWE
Summary
A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2's sensitive heap data, eventually leading to the circumvention of secure boot protections.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45777",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T18:38:37.767457Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T18:38:59.247Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://ftp.gnu.org/gnu/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. The calculation of the translation buffer when reading a language .mo file in grub_gettext_getstr_from_position() may overflow, leading to a Out-of-bound write. This issue can be leveraged by an attacker to overwrite grub2\u0027s sensitive heap data, eventually leading to the circumvention of secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:40:11.647Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45777"
        },
        {
          "name": "RHBZ#2346343",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346343"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-18T19:45:13.812000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: grub-core/gettext: integer overflow leads to heap oob write.",
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45777",
    "datePublished": "2025-02-19T17:54:01.926Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:40:11.647Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31080 (GCVE-0-2024-31080)
Vulnerability from cvelistv5
Published
2024-04-04 13:47
Modified
2025-08-04 21:06
CWE
Summary
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
References
https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-31080 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2271997 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 29.1.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:46:04.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
          },
          {
            "name": "RHSA-2024:1785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1785"
          },
          {
            "name": "RHSA-2024:2036",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2036"
          },
          {
            "name": "RHSA-2024:2037",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2037"
          },
          {
            "name": "RHSA-2024:2038",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2038"
          },
          {
            "name": "RHSA-2024:2039",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2039"
          },
          {
            "name": "RHSA-2024:2040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2040"
          },
          {
            "name": "RHSA-2024:2041",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2041"
          },
          {
            "name": "RHSA-2024:2042",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2042"
          },
          {
            "name": "RHSA-2024:2080",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2080"
          },
          {
            "name": "RHSA-2024:2616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2616"
          },
          {
            "name": "RHSA-2024:3258",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3258"
          },
          {
            "name": "RHSA-2024:3261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3261"
          },
          {
            "name": "RHSA-2024:3343",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3343"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-31080"
          },
          {
            "name": "RHBZ#2271997",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31080",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-07T15:41:05.539453Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T18:18:59.223Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
          "defaultStatus": "unaffected",
          "packageName": "xorg-server",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "29.1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-29.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-33.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-2.el8_9.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-23.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-10.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-16.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T21:06:17.457Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1785"
        },
        {
          "name": "RHSA-2024:2036",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2036"
        },
        {
          "name": "RHSA-2024:2037",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2037"
        },
        {
          "name": "RHSA-2024:2038",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2038"
        },
        {
          "name": "RHSA-2024:2039",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2039"
        },
        {
          "name": "RHSA-2024:2040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2040"
        },
        {
          "name": "RHSA-2024:2041",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2041"
        },
        {
          "name": "RHSA-2024:2042",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2042"
        },
        {
          "name": "RHSA-2024:2080",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2080"
        },
        {
          "name": "RHSA-2024:2616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2616"
        },
        {
          "name": "RHSA-2024:3258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3258"
        },
        {
          "name": "RHSA-2024:3261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3261"
        },
        {
          "name": "RHSA-2024:3343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3343"
        },
        {
          "name": "RHSA-2024:9093",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9093"
        },
        {
          "name": "RHSA-2024:9122",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9122"
        },
        {
          "name": "RHSA-2025:12751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12751"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-31080"
        },
        {
          "name": "RHBZ#2271997",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-28T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server: heap buffer overread/data leakage in procxigetselectedevents",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-31080",
    "datePublished": "2024-04-04T13:47:33.926Z",
    "dateReserved": "2024-03-28T02:56:55.574Z",
    "dateUpdated": "2025-08-04T21:06:17.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5953 (GCVE-0-2024-5953)
Vulnerability from cvelistv5
Published
2024-06-18 10:01
Modified
2025-08-03 08:41
CWE
  • CWE-1288 - Improper Validation of Consistency within Input
Summary
A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password.
References
https://access.redhat.com/errata/RHSA-2024:4633 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4997 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5192 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5690 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6153 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6569 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6576 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1632 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-5953 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2292104 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Directory Server 11.5 E4S for RHEL 8 Unaffected: 8060020250210084424.0ca98e7e   < *
    cpe:/a:redhat:directory_server_e4s:11.5::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 11.7 for RHEL 8 Unaffected: 8080020240909040333.f969626e   < *
    cpe:/a:redhat:directory_server:11.7::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 11.9 for RHEL 8 Unaffected: 8100020240902112955.37ed7c03   < *
    cpe:/a:redhat:directory_server:11.9::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 12.2 EUS for RHEL 9 Unaffected: 9020020240916150035.1674d574   < *
    cpe:/a:redhat:directory_server_eus:12.2::el9
Create a notification for this product.
   Red Hat Red Hat Directory Server 12.4 for RHEL 9 Unaffected: 9040020240723122852.1674d574   < *
    cpe:/a:redhat:directory_server:12.4::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.3.11.1-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240910065753.25e700aa   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020240807050952.6dbb3803   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.4.5-9.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.2.4-9.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5953",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-18T13:32:13.391886Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-18T13:33:04.416Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:25:03.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:4633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4633"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-5953"
          },
          {
            "name": "RHBZ#2292104",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292104"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/389ds/389-ds-base",
          "defaultStatus": "affected",
          "packageName": "389-ds-base"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server_e4s:11.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.5 E4S for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250210084424.0ca98e7e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.7 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240909040333.f969626e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11.9::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.9 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240902112955.37ed7c03",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server_eus:12.2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12",
          "product": "Red Hat Directory Server 12.2 EUS for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020240916150035.1674d574",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12",
          "product": "Red Hat Directory Server 12.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9040020240723122852.1674d574",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.11.1-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds:1.4",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240910065753.25e700aa",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds:1.4",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240807050952.6dbb3803",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.5-9.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.2.4-9.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by T\u00eako Mihinto (Red Hat)."
        }
      ],
      "datePublic": "2024-06-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A denial of service vulnerability was found in the 389-ds-base LDAP server. This issue may allow an authenticated user to cause a server denial of service while attempting to log in with a user with a malformed hash in their password."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1288",
              "description": "Improper Validation of Consistency within Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:41:45.468Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4633"
        },
        {
          "name": "RHSA-2024:4997",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4997"
        },
        {
          "name": "RHSA-2024:5192",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5192"
        },
        {
          "name": "RHSA-2024:5690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5690"
        },
        {
          "name": "RHSA-2024:6153",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6153"
        },
        {
          "name": "RHSA-2024:6568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6568"
        },
        {
          "name": "RHSA-2024:6569",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6569"
        },
        {
          "name": "RHSA-2024:6576",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6576"
        },
        {
          "name": "RHSA-2024:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7458"
        },
        {
          "name": "RHSA-2025:1632",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1632"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-5953"
        },
        {
          "name": "RHBZ#2292104",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292104"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-13T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-06-13T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "389-ds-base: malformed userpassword hash may cause denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-1288: Improper Validation of Consistency within Input"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-5953",
    "datePublished": "2024-06-18T10:01:56.714Z",
    "dateReserved": "2024-06-13T04:20:35.951Z",
    "dateUpdated": "2025-08-03T08:41:45.468Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-47712 (GCVE-0-2025-47712)
Vulnerability from cvelistv5
Published
2025-06-09 05:58
Modified
2025-07-29 18:24
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw exists in the nbdkit "blocksize" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service.
Impacted products
Vendor Product Version
Version: 1.21.16   
Version: 1.40.0   
Version: 1.42.0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-47712",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-09T18:23:40.258686Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-09T18:24:05.328Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://nbdkit.org/",
          "defaultStatus": "unaffected",
          "packageName": "nbdkit",
          "versions": [
            {
              "lessThan": "1.38.6",
              "status": "affected",
              "version": "1.21.16",
              "versionType": "semver"
            },
            {
              "lessThan": "1.40.6",
              "status": "affected",
              "version": "1.40.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.42.3",
              "status": "affected",
              "version": "1.42.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "nbdkit",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "nbdkit",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "virt:rhel/nbdkit",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "unknown",
          "packageName": "virt:8.2/nbdkit",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "unknown",
          "packageName": "virt:av/nbdkit",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "nbdkit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw exists in the nbdkit \"blocksize\" filter that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in the nbdkit, leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T18:24:11.436Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-47712"
        },
        {
          "name": "RHBZ#2365724",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365724"
        },
        {
          "url": "https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/67E7AASHHADIY7VAD3FFW2I67LTWVWYF/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-12T20:59:53.759000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-23T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Nbd: nbdkit: integer overflow triggers an assertion resulting in denial of service",
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-47712",
    "datePublished": "2025-06-09T05:58:41.198Z",
    "dateReserved": "2025-05-07T21:08:45.449Z",
    "dateUpdated": "2025-07-29T18:24:11.436Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26598 (GCVE-0-2025-26598)
Vulnerability from cvelistv5
Published
2025-02-25 15:54
Modified
2025-07-29 00:19
CWE
Summary
An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26598 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345254 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26598",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T16:24:04.385893Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T16:24:43.094Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:19:56.036Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26598"
        },
        {
          "name": "RHBZ#2345254",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345254"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:15:01.664000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: out-of-bounds write in createpointerbarrierclient()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26598",
    "datePublished": "2025-02-25T15:54:57.355Z",
    "dateReserved": "2025-02-12T14:12:22.796Z",
    "dateUpdated": "2025-07-29T00:19:56.036Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7383 (GCVE-0-2024-7383)
Vulnerability from cvelistv5
Published
2024-08-05 13:19
Modified
2025-08-06 05:17
CWE
  • CWE-295 - Improper Certificate Validation
Summary
A flaw was found in libnbd. The client did not always correctly verify the NBD server's certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic.
Impacted products
Vendor Product Version
Version: 1.18.0   
Version: 1.20.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240905091210.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240905091210.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.18.1-4.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7383",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-06T16:15:33.971325Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-06T16:15:54.882Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/nbdkit/libnbd",
          "defaultStatus": "unaffected",
          "packageName": "libnbd",
          "versions": [
            {
              "lessThan": "1.18.5",
              "status": "affected",
              "version": "1.18.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.20.2",
              "status": "affected",
              "version": "1.20.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:rhel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240905091210.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240905091210.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libnbd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.18.1-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libnbd",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/libnbd",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jon Szymaniak for reporting this issue."
        }
      ],
      "datePublic": "2024-06-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libnbd. The client did not always correctly verify the NBD server\u0027s certificate when using TLS to connect to an NBD server. This issue allows a man-in-the-middle attack on NBD traffic."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T05:17:56.700Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:6757",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6757"
        },
        {
          "name": "RHSA-2024:6964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-7383"
        },
        {
          "name": "RHBZ#2302865",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302865"
        },
        {
          "url": "https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/message/LHR3BW6RJ7K4BJBQIYV3GTZLSY27VZO2"
        },
        {
          "url": "https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/ENZY4LHLARA3N4C3JUNLPYUCXHFO7BWQ/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-04T15:38:14.534000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-06-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libnbd: nbd server improper certificate validation",
      "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-7383",
    "datePublished": "2024-08-05T13:19:13.933Z",
    "dateReserved": "2024-08-01T14:01:54.833Z",
    "dateUpdated": "2025-08-06T05:17:56.700Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8775 (GCVE-0-2024-8775)
Vulnerability from cvelistv5
Published
2024-09-14 02:15
Modified
2025-07-05 05:25
CWE
  • CWE-532 - Insertion of Sensitive Information into Log File
Summary
A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions.
References
Impacted products
Vendor Product Version
Version: 1.0.0    2.17.4
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 3.0.1-96   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 3.0.1-95   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.9.27-32   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.18.0-1   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.15.12-17   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Discovery 1 for RHEL 9 Unaffected: 1.12.0-1   < *
    cpe:/o:redhat:discovery:1.0::el9
Create a notification for this product.
   Red Hat Discovery 1 for RHEL 9 Unaffected: 1.12.0-1   < *
    cpe:/o:redhat:discovery:1.0::el9
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8 Unaffected: 1:2.15.13-1.el8ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
    cpe:/a:redhat:ansible_automation_platform:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9 Unaffected: 1:2.15.13-1.el9ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
    cpe:/a:redhat:ansible_automation_platform:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 8 Unaffected: 1:2.16.13-1.el8ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 9 Unaffected: 1:2.16.13-1.el9ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8775",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-16T14:21:23.423396Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-16T14:29:01.960Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ansible/ansible",
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "versions": [
            {
              "lessThanOrEqual": "2.17.4",
              "status": "affected",
              "version": "1.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-96",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-95",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-29-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.9.27-32",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.18.0-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.15.12-17",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/o:redhat:discovery:1.0::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-server-rhel9",
          "product": "Discovery 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.12.0-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/o:redhat:discovery:1.0::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery/discovery-ui-rhel9",
          "product": "Discovery 1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.12.0-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.15.13-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.15.13-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.13-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.13-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/bootc-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-13T08:35:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Ansible, where sensitive information stored in Ansible Vault files can be exposed in plaintext during the execution of a playbook. This occurs when using tasks such as include_vars to load vaulted variables without setting the no_log: true parameter, resulting in sensitive data being printed in the playbook output or logs. This can lead to the unintentional disclosure of secrets like passwords or API keys, compromising security and potentially allowing unauthorized access or actions."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-532",
              "description": "Insertion of Sensitive Information into Log File",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T05:25:54.371Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10762",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10762"
        },
        {
          "name": "RHSA-2024:8969",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8969"
        },
        {
          "name": "RHSA-2024:9894",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9894"
        },
        {
          "name": "RHSA-2025:1249",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1249"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8775"
        },
        {
          "name": "RHBZ#2312119",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312119"
        },
        {
          "url": "https://github.com/advisories/GHSA-jpxc-vmjf-9fcj"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-13T08:31:27.781000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-13T08:35:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Ansible-core: exposure of sensitive information in ansible vault files due to improper logging",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-532: Insertion of Sensitive Information into Log File"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8775",
    "datePublished": "2024-09-14T02:15:14.907Z",
    "dateReserved": "2024-09-13T09:06:07.367Z",
    "dateUpdated": "2025-07-05T05:25:54.371Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1118 (GCVE-0-2025-1118)
Vulnerability from cvelistv5
Published
2025-02-19 17:54
Modified
2025-07-29 11:04
CWE
  • CWE-501 - Trust Boundary Violation
Summary
A flaw was found in grub2. Grub's dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1118",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T17:23:06.868981Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T17:24:24.515Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. Grub\u0027s dump command is not blocked when grub is in lockdown mode, which allows the user to read any memory information, and an attacker may leverage this in order to extract signatures, salts, and other sensitive information from the memory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-501",
              "description": "Trust Boundary Violation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T11:04:34.191Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-1118"
        },
        {
          "name": "RHBZ#2346137",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346137"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T17:26:24.670000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: commands/dump: the dump command is not in lockdown when secure boot is enabled",
      "x_redhatCweChain": "CWE-501: Trust Boundary Violation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-1118",
    "datePublished": "2025-02-19T17:54:27.651Z",
    "dateReserved": "2025-02-07T16:58:08.564Z",
    "dateUpdated": "2025-07-29T11:04:34.191Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4056 (GCVE-0-2025-4056)
Vulnerability from cvelistv5
Published
2025-07-28 12:40
Modified
2025-08-13 19:42
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines.
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4056",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-28T13:24:15.714913Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-28T13:24:30.739Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/glib",
          "defaultStatus": "unaffected",
          "packageName": "glib",
          "versions": [
            {
              "lessThan": "2.84.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glycin-loaders",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "loupe",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. A denial of service on Windows platforms may occur if an application attempts to spawn a program using long command lines."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-13T19:42:04.333Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4056"
        },
        {
          "name": "RHBZ#2362826",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2362826"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3668"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-29T02:00:57.397000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-29T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Glib: glib crash after long command line",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4056",
    "datePublished": "2025-07-28T12:40:29.298Z",
    "dateReserved": "2025-04-29T02:04:01.099Z",
    "dateUpdated": "2025-08-13T19:42:04.333Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2784 (GCVE-0-2025-2784)
Vulnerability from cvelistv5
Published
2025-04-03 01:40
Modified
2025-07-29 06:53
CWE
Summary
A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server.
References
https://access.redhat.com/errata/RHSA-2025:7505 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8126 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8132 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8139 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8140 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8252 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8480 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8481 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8482 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8663 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-2784 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2354669 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libsoup/-/issues/422
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.5   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.5   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.5   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.5   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.5   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2784",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T13:36:03.192367Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T13:36:07.757Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/422"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-03-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The package is vulnerable to a heap buffer over-read when sniffing content via the skip_insight_whitespace() function. Libsoup clients may read one byte out-of-bounds in response to a crafted HTTP response by an HTTP server."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T06:53:50.986Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7505"
        },
        {
          "name": "RHSA-2025:8126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8126"
        },
        {
          "name": "RHSA-2025:8132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8132"
        },
        {
          "name": "RHSA-2025:8139",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8139"
        },
        {
          "name": "RHSA-2025:8140",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8140"
        },
        {
          "name": "RHSA-2025:8252",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8252"
        },
        {
          "name": "RHSA-2025:8480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8480"
        },
        {
          "name": "RHSA-2025:8481",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8481"
        },
        {
          "name": "RHSA-2025:8482",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8482"
        },
        {
          "name": "RHSA-2025:8663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8663"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-2784"
        },
        {
          "name": "RHBZ#2354669",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2354669"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/422"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-03-25T01:57:31.752000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-03-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: heap buffer over-read in `skip_insignificant_space` when sniffing content",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-2784",
    "datePublished": "2025-04-03T01:40:12.164Z",
    "dateReserved": "2025-03-25T01:57:20.112Z",
    "dateUpdated": "2025-07-29T06:53:50.986Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45615 (GCVE-0-2024-45615)
Vulnerability from cvelistv5
Published
2024-09-03 21:19
Modified
2025-07-29 14:14
CWE
  • CWE-457 - Use of Uninitialized Variable
Summary
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. The problem is missing initialization of variables expected to be initialized (as arguments to other functions, etc.).
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45615",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:31:03.434412Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:31:12.425Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "unaffected",
          "packageName": "libopensc",
          "versions": [
            {
              "lessThan": "0.26.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. \nThe problem is missing  initialization of variables expected to be initialized (as arguments to other functions, etc.)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-457",
              "description": "Use of Uninitialized Variable",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:14:50.305Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45615"
        },
        {
          "name": "RHBZ#2309285",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309285"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-02T18:12:21.612000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: pkcs15init: usage of uninitialized values in libopensc and pkcs15init",
      "x_redhatCweChain": "CWE-457: Use of Uninitialized Variable"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45615",
    "datePublished": "2024-09-03T21:19:51.000Z",
    "dateReserved": "2024-09-02T18:28:35.895Z",
    "dateUpdated": "2025-07-29T14:14:50.305Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52615 (GCVE-0-2024-52615)
Vulnerability from cvelistv5
Published
2024-11-21 20:34
Modified
2025-07-28 14:45
CWE
  • CWE-330 - Use of Insufficiently Random Values
Summary
A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected.
References
https://access.redhat.com/errata/RHSA-2025:11402 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-52615 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2326418 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:0.8-22.el9_6.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:0.8-22.el9_6.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52615",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-21T21:06:27.515199Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-21T21:12:09.339Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/avahi/avahi/",
          "defaultStatus": "unaffected",
          "packageName": "avahi",
          "versions": [
            {
              "lessThan": "0.9",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "avahi",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.8-22.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "avahi",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.8-22.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "avahi",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "avahi",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "avahi",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-330",
              "description": "Use of Insufficiently Random Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T14:45:24.925Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:11402",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11402"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-52615"
        },
        {
          "name": "RHBZ#2326418",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326418"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-15T08:39:36.023000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-15T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Avahi: avahi wide-area dns uses constant source port",
      "x_redhatCweChain": "CWE-330: Use of Insufficiently Random Values"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-52615",
    "datePublished": "2024-11-21T20:34:00.981Z",
    "dateReserved": "2024-11-15T08:38:03.183Z",
    "dateUpdated": "2025-07-28T14:45:24.925Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49178 (GCVE-0-2025-49178)
Vulnerability from cvelistv5
Published
2025-06-17 14:54
Modified
2025-07-15 01:17
CWE
Summary
A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.
References
https://access.redhat.com/errata/RHSA-2025:10258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10342 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10344 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10346 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10347 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10348 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10349 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10350 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10351 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10352 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10355 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10356 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10360 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10370 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10375 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10376 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10377 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10378 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10381 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10410 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9303 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9304 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9305 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9306 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9392 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49178 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369977 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7.7 Advanced Update Support Unaffected: 0:1.8.0-17.el7_7.1   < *
    cpe:/o:redhat:rhel_aus:7.7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-32.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9.2   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-26.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-18.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.15.0-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.14   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.20.6-4.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-31.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-4.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:21.1.3-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.20.11-11.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.15   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:21.1.3-8.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.20.11-18.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.12.0-14.el9_2.12   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:22.1.9-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.20.11-26.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/a:redhat:rhel_eus:9.4::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.7   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49178",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:05:17.851006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:05:29.353Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X server\u0027s request handling. Non-zero \u0027bytes to ignore\u0027 in a client\u0027s request can cause the server to skip processing another client\u0027s request, potentially leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-667",
              "description": "Improper Locking",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:17:40.427Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49178"
        },
        {
          "name": "RHBZ#2369977",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:00:49.274000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-667: Improper Locking"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49178",
    "datePublished": "2025-06-17T14:54:42.646Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:17:40.427Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0690 (GCVE-0-2025-0690)
Vulnerability from cvelistv5
Published
2025-02-24 07:53
Modified
2025-06-16 16:47
CWE
Summary
The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence.
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0690",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-24T11:17:51.239076Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-16T16:47:24.259Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it\u0027s possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub\u0027s internal critical data and secure boot bypass is not discarded as consequence."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-13T20:04:39.231Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0690"
        },
        {
          "name": "RHBZ#2346123",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346123"
        },
        {
          "url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:37:14.300000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: read: integer overflow may lead to out-of-bounds write",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190-\u003eCWE-787: Integer Overflow or Wraparound leads to Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0690",
    "datePublished": "2025-02-24T07:53:30.081Z",
    "dateReserved": "2025-01-23T20:01:36.565Z",
    "dateUpdated": "2025-06-16T16:47:24.259Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9407 (GCVE-0-2024-9407)
Vulnerability from cvelistv5
Published
2024-10-01 20:13
Modified
2025-08-03 08:47
CWE
  • CWE-20 - Improper Input Validation
Summary
A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files.
References
https://access.redhat.com/errata/RHSA-2024:10147 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8846 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9051 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9926 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9407 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2315887 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241023085649.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:1.33.11-1.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411201433-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9407",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-01T20:38:18.374514Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-01T20:38:33.629Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-20T13:06:46.310Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241220-0010/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/podman",
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "versions": [
            {
              "lessThan": "5.2.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://github.com/containers/buildah",
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "versions": [
            {
              "lessThan": "1.37.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020241023085649.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-16.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:5.2.2-9.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.5-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.11-1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202411201433-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Erik Sj\u00f6lund (Upstream) for reporting this issue."
        }
      ],
      "datePublic": "2024-10-01T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability exists in the bind-propagation option of the Dockerfile RUN --mount instruction. The system does not properly validate the input passed to this option, allowing users to pass arbitrary parameters to the mount instruction. This issue can be exploited to mount sensitive directories from the host into a container during the build process and, in some cases, modify the contents of those mounted files. Even if SELinux is used, this vulnerability can bypass its protection by allowing the source directory to be relabeled to give the container access to host files."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:47:42.103Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10147",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10147"
        },
        {
          "name": "RHSA-2024:8846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8846"
        },
        {
          "name": "RHSA-2024:9051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9051"
        },
        {
          "name": "RHSA-2024:9454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9454"
        },
        {
          "name": "RHSA-2024:9459",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9459"
        },
        {
          "name": "RHSA-2024:9926",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9926"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9407"
        },
        {
          "name": "RHBZ#2315887",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315887"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-01T10:33:54.248000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-01T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Buildah: podman: improper input validation in bind-propagation option of dockerfile run --mount instruction",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9407",
    "datePublished": "2024-10-01T20:13:29.588Z",
    "dateReserved": "2024-10-01T10:55:34.838Z",
    "dateUpdated": "2025-08-03T08:47:42.103Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0686 (GCVE-0-2025-0686)
Vulnerability from cvelistv5
Published
2025-03-03 17:14
Modified
2025-07-28 17:35
CWE
Summary
A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub's romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when the calling grub_disk_read() function. This issue may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution by-passing secure boot protections.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0686",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T16:11:43.388154Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T16:12:08.515Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When performing a symlink lookup from a romfs filesystem, grub\u0027s romfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciously crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_romfs_read_symlink() may cause out-of-bounds writes when the calling grub_disk_read() function. This issue may be leveraged to corrupt grub\u0027s internal critical data and can result in arbitrary code execution by-passing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T17:35:05.229Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0686"
        },
        {
          "name": "RHBZ#2346121",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346121"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:30:22.191000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: romfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading dat",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0686",
    "datePublished": "2025-03-03T17:14:30.632Z",
    "dateReserved": "2025-01-23T19:13:28.900Z",
    "dateUpdated": "2025-07-28T17:35:05.229Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-2487 (GCVE-0-2025-2487)
Vulnerability from cvelistv5
Published
2025-03-18 16:25
Modified
2025-08-06 05:18
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash.
References
https://access.redhat.com/errata/RHSA-2025:3663 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3670 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4491 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7395 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-2487 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2353071 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 2.4.0    2.4.6
Version: 2.5.0    2.5.3
Version: 2.6.0    2.6.1
Version: 3.0.0    3.0.6
Create a notification for this product.
   Red Hat Red Hat Directory Server 12.4 EUS for RHEL 9 Unaffected: 9040020250325181857.1674d574   < *
    cpe:/a:redhat:directory_server_eus:12.4::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.5.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.6.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.4.5-14.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::crb
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Directory Server 12     cpe:/a:redhat:directory_server:12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-2487",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-18T17:48:01.841358Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-18T17:48:16.354Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/389ds/389-ds-base/",
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "versions": [
            {
              "lessThanOrEqual": "2.4.6",
              "status": "affected",
              "version": "2.4.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.5.3",
              "status": "affected",
              "version": "2.5.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "2.6.1",
              "status": "affected",
              "version": "2.6.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "3.0.6",
              "status": "affected",
              "version": "3.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server_eus:12.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12",
          "product": "Red Hat Directory Server 12.4 EUS for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9040020250325181857.1674d574",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.2-9.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.6.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.5-14.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12"
          ],
          "defaultStatus": "unaffected",
          "packageName": "redhat-ds:12/389-ds-base",
          "product": "Red Hat Directory Server 12",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "389-ds:1.4/389-ds-base",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-03-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the 389-ds-base LDAP Server. This issue occurs when issuing a Modify DN LDAP operation through the ldap protocol, when the function return value is not tested and a NULL pointer is dereferenced. If a privileged user performs a ldap MODDN operation after a failed operation, it could lead to a Denial of Service (DoS) or system crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 4.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T05:18:29.440Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:3663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3663"
        },
        {
          "name": "RHSA-2025:3670",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3670"
        },
        {
          "name": "RHSA-2025:4491",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4491"
        },
        {
          "name": "RHSA-2025:7395",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7395"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-2487"
        },
        {
          "name": "RHBZ#2353071",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2353071"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-03-18T02:20:00.627000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-03-18T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "389-ds-base: null pointer dereference leads to denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-2487",
    "datePublished": "2025-03-18T16:25:43.712Z",
    "dateReserved": "2025-03-18T02:33:34.463Z",
    "dateUpdated": "2025-08-06T05:18:29.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45617 (GCVE-0-2024-45617)
Vulnerability from cvelistv5
Published
2024-09-03 21:20
Modified
2025-07-29 14:17
CWE
  • CWE-457 - Use of Uninitialized Variable
Summary
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45617",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:29:27.537151Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:29:36.631Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "unaffected",
          "packageName": "libopensc",
          "versions": [
            {
              "lessThan": "0.26.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. \n\nInsufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-457",
              "description": "Use of Uninitialized Variable",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:17:09.338Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45617"
        },
        {
          "name": "RHBZ#2309286",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309286"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-02T18:12:44.486000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: uninitialized values after incorrect or missing checking return values of functions in libopensc",
      "x_redhatCweChain": "CWE-457: Use of Uninitialized Variable"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45617",
    "datePublished": "2024-09-03T21:20:53.782Z",
    "dateReserved": "2024-09-02T18:28:35.895Z",
    "dateUpdated": "2025-07-29T14:17:09.338Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6021 (GCVE-0-2025-6021)
Vulnerability from cvelistv5
Published
2025-06-12 12:49
Modified
2025-08-14 09:07
CWE
  • CWE-121 - Stack-based Buffer Overflow
Summary
A flaw was found in libxml2's xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input.
References
https://access.redhat.com/errata/RHSA-2025:10630 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10698 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10699 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11580 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12098 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12099 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12199 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12237 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12239 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12240 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12241 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13267 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13289 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13325 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13335 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13336 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6021 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2372406 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.12.5-7.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.9.1-6.el7_9.10   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.9.7-9.el8_2.3   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-9.el8_4.6   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:2.9.7-9.el8_4.6   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:2.9.7-16.el8_8.9   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/o:redhat:rhel_e4s:8.8::baseos
    cpe:/o:redhat:rhel_tus:8.8::baseos
    cpe:/a:redhat:rhel_e4s:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:2.9.7-16.el8_8.9   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/o:redhat:rhel_e4s:8.8::baseos
    cpe:/o:redhat:rhel_tus:8.8::baseos
    cpe:/a:redhat:rhel_e4s:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-10.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-10.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.9.13-1.el9_0.5   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
    cpe:/o:redhat:rhel_e4s:9.0::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.9.13-3.el9_2.7   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
    cpe:/o:redhat:rhel_e4s:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.9.13-10.el9_4   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202508041909-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202508050040-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 418.94.202508060022-0   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat Discovery 2 Unaffected: sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344   < *
    cpe:/a:redhat:discovery:2::el9
Create a notification for this product.
   Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d   < *
    cpe:/a:redhat:insights_proxy:1.5::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat JBoss Core Services     cpe:/a:redhat:jboss_core_services:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6021",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-12T13:15:36.140062Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-12T13:16:31.182Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.12.5-7.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.1-6.el7_9.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/o:redhat:rhel_tus:8.8::baseos",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/o:redhat:rhel_tus:8.8::baseos",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-1.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-3.el9_2.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202508041909-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202508050040-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "418.94.202508060022-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ad07f55ee75fb20310c88f154a04665bd8465d138d66c665c300f61447858344",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Ahmed Lekssays for reporting this issue."
        }
      ],
      "datePublic": "2025-06-12T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libxml2\u0027s xmlBuildQName function, where integer overflows in buffer size calculations can lead to a stack-based buffer overflow. This issue can result in memory corruption or a denial of service when processing crafted input."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T09:07:19.438Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10630"
        },
        {
          "name": "RHSA-2025:10698",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10698"
        },
        {
          "name": "RHSA-2025:10699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10699"
        },
        {
          "name": "RHSA-2025:11580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11580"
        },
        {
          "name": "RHSA-2025:12098",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12098"
        },
        {
          "name": "RHSA-2025:12099",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12099"
        },
        {
          "name": "RHSA-2025:12199",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12199"
        },
        {
          "name": "RHSA-2025:12237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12237"
        },
        {
          "name": "RHSA-2025:12239",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12239"
        },
        {
          "name": "RHSA-2025:12240",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12240"
        },
        {
          "name": "RHSA-2025:12241",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12241"
        },
        {
          "name": "RHSA-2025:13267",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13267"
        },
        {
          "name": "RHSA-2025:13289",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13289"
        },
        {
          "name": "RHSA-2025:13325",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13325"
        },
        {
          "name": "RHSA-2025:13335",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13335"
        },
        {
          "name": "RHSA-2025:13336",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13336"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6021"
        },
        {
          "name": "RHBZ#2372406",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372406"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-12T07:55:45.428000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-12T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxml2: integer overflow in xmlbuildqname() leads to stack buffer overflow in libxml2",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability. Users are strongly advised to apply vendor-supplied patches as soon as they become available to address the underlying integer overflow flaw in the affected code."
        }
      ],
      "x_redhatCweChain": "(CWE-190|CWE-121): Integer Overflow or Wraparound or Stack-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6021",
    "datePublished": "2025-06-12T12:49:16.157Z",
    "dateReserved": "2025-06-12T05:52:54.211Z",
    "dateUpdated": "2025-08-14T09:07:19.438Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3727 (GCVE-0-2024-3727)
Vulnerability from cvelistv5
Published
2024-05-09 14:57
Modified
2025-07-23 20:01
CWE
  • CWE-354 - Improper Validation of Integrity Check Value
Summary
A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks.
References
https://access.redhat.com/errata/RHSA-2024:0045 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3718 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4159 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4613 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4850 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4960 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5951 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6054 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6122 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6708 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6818 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6824 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7164 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7174 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7182 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7187 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7922 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7941 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8260 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8425 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9097 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9098 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9102 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9960 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3727 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2274767 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 5.30.0   
Create a notification for this product.
   Red Hat OADP-1.3-RHEL-9 Unaffected: 1.3.4-9   < *
    cpe:/a:redhat:openshift_api_data_protection:1.3::el9
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-4   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.5-3   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-1   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.2-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240808093819.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.2-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.16.1-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:5.2.2-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Migration Toolkit for Containers 1.8 Unaffected: v1.8.4-22   < *
    cpe:/a:redhat:rhmt:1.8::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-13.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift_ironic:4.13::el9
    cpe:/a:redhat:openshift:4.13::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 2:1.11.3-3.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift_ironic:4.13::el9
    cpe:/a:redhat:openshift:4.13::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-19.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift_ironic:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 2:1.11.3-3.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift_ironic:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202409162258-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-30.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift_ironic:4.15::el9
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 2:1.11.3-4.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift_ironic:4.15::el9
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202410230304.p0.g366295f.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-5.1.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 2:1.14.4-1.rhaos4.16.el9   < *
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.5-7.rhaos4.16.git7db4ada.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202407171536.p0.g1551101.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202409231504.p0.g342902b.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat RHEL-9-CNV-4.15 Unaffected: v4.15.5-7   < *
    cpe:/a:redhat:container_native_virtualization:4.15::el9
Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
Create a notification for this product.
   Red Hat Multicluster Engine for Kubernetes     cpe:/a:redhat:multicluster_engine
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Source-to-Image (S2I)     cpe:/a:redhat:source_to_image:1
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 3     cpe:/a:redhat:advanced_cluster_security:3
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform Assisted Installer 1     cpe:/a:redhat:assisted_installer:1
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform Assisted Installer 1     cpe:/a:redhat:assisted_installer:1
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform Assisted Installer 1     cpe:/a:redhat:assisted_installer:1
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
Create a notification for this product.
   Red Hat Red Hat Openshift Sandboxed Containers     cpe:/a:redhat:openshift_sandboxed_containers:1
Create a notification for this product.
   Red Hat Red Hat Openshift Sandboxed Containers     cpe:/a:redhat:openshift_sandboxed_containers:1
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3727",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-13T17:59:41.318223Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:33:13.046Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:20:01.029Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:0045",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:0045"
          },
          {
            "name": "RHSA-2024:4159",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4159"
          },
          {
            "name": "RHSA-2024:4613",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4613"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3727"
          },
          {
            "name": "RHBZ#2274767",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HEYS34N55G7NOQZKNEXZKQVNDGEICCD/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6B37TXOKTKDBE2V26X2NSP7JKNMZOFVP/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CYT3D2P3OJKISNFKOOHGY6HCUCQZYAVR/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DLND3YDQQRWVRIUPL2G5UKXP5L3VSBBT/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DTOMYERG5ND4QFDHC4ZSGCED3T3ESRSC/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FBZQ2ZRMFEUQ35235B2HWPSXGDCBZHFV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GD2GSBQTBLYADASUBHHZV2CZPTSLIPQJ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QFXMF3VVKIZN7ZMB7PKZCSWV6MOMTGMQ/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/SFVSMR7TNLO2KPWJSW4CF64C2QMQXCIN/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/image",
          "defaultStatus": "unaffected",
          "packageName": "image",
          "versions": [
            {
              "lessThan": "5.29.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "5.30.1",
              "status": "affected",
              "version": "5.30.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_api_data_protection:1.3::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "oadp/oadp-velero-plugin-rhel9",
          "product": "OADP-1.3-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1.3.4-9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.5-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-collector-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-operator-bundle",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.2-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240808093819.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.2-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.16.1-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:5.2.2-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:rhmt:1.8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhmtc/openshift-migration-controller-rhel8",
          "product": "Red Hat Migration Toolkit for Containers 1.8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v1.8.4-22",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift_ironic:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-13.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift_ironic:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.3-3.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.0-202407260439.p0.g8d9b39e.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift_ironic:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-19.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift_ironic:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.3-3.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/network-tools-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409172305.p0.g17536c8.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-api-server-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409171307.p0.ged4651a.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161436.p0.g1f44c02.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-alibaba-machine-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.gf7f5eed.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-apiserver-network-proxy-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409131835.p0.gadccbd5.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-autoscaler-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g8425d88.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-control-plane-machine-set-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409130735.p0.gc03231f.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-ingress-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409131635.p0.gb73e37f.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-network-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161836.p0.g092d15b.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-node-tuning-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180105.p0.g1fdd5b0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-console",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180905.p0.gf6f61ca.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409171307.p0.g160e7ca.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-hypershift-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409131635.p0.gb7c1d6a.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-insights-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409111636.p0.gf0c44f6.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-api-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g3ab953d.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-multus-admission-controller-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409111636.p0.g9ea52de.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-multus-whereabouts-ipam-cni-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409111636.p0.gd80fe46.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-nutanix-machine-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g8de6f94.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-openshift-controller-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409171307.p0.g5d529dd.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-registry-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180305.p0.g1da79fe.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-ovn-kubernetes-microshift-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-ovn-kubernetes-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409172305.p0.g5af0be8.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-powervs-cloud-controller-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409130536.p0.g1d6a7ed.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-powervs-machine-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161436.p0.g4121cfc.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-sdn-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409120135.p0.g71a6f28.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-tests",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409180705.p0.g95ee44e.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-tools-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202409161234.p0.g4e8d689.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202409162258-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-30.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.11.3-4.rhaos4.15.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202410230304.p0.g366295f.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel8",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202410230304.p0.gfde2b2e.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202407230407.p0.gf3f8de5.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-5.1.rhaos4.16.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.14.4-1.rhaos4.16.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.29.5-7.rhaos4.16.git7db4ada.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202407171536.p0.g1551101.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202409162206.p0.g6a425ab.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202409231504.p0.g342902b.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202410172201.p0.gb121e87.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409122005.p0.gb170ad0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-operator-controller-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409100034.p0.g8d16b39.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-lifecycle-manager-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-operator-registry-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202409101338.p0.gb0d86a0.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202410022234.p0.gfbc55c6.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/oc-mirror-plugin-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502100934.p0.gc00c7c9.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-api-server-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502040032.p0.ge5a4005.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-node-agent-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502041302.p0.g51a74ac.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-orchestrator-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202501230001.p0.g5348c85.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502100153.p0.g120ba67.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-openshift-apiserver-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202502060238.p0.g73d65db.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-controller-rhel9",
          "product": "RHEL-9-CNV-4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.5-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/agent-service-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/assisted-installer-agent-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/assisted-installer-reporter-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/assisted-installer-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_engine"
          ],
          "defaultStatus": "unaffected",
          "packageName": "multicluster-engine/hive-rhel8",
          "product": "Multicluster Engine for Kubernetes",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/client-kn-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-clients",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:source_to_image:1"
          ],
          "defaultStatus": "affected",
          "packageName": "source-to-image-container",
          "product": "OpenShift Source-to-Image (S2I)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhacm2/submariner-rhel8-operator",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:3"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift-clients",
          "product": "Red Hat Ansible Automation Platform 1.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift-clients",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/buildah",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/conmon",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/containers-common",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:4.0/podman",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/skopeo",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:3.11"
          ],
          "defaultStatus": "unknown",
          "packageName": "atomic-openshift",
          "product": "Red Hat OpenShift Container Platform 3.11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:3.11"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 3.11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-agent-installer-csr-approver-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-baremetal-installer-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cli",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cli-artifacts",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-deployer",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-installer",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-installer-altinfra-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-installer-artifacts",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-rukpak-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-openshift-proxy-pull-test-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ose-installer-terraform-providers-container",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:assisted_installer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhai-tech-preview/assisted-installer-agent-rhel8",
          "product": "Red Hat OpenShift Container Platform Assisted Installer 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:assisted_installer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhai-tech-preview/assisted-installer-reporter-rhel8",
          "product": "Red Hat OpenShift Container Platform Assisted Installer 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:assisted_installer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhai-tech-preview/assisted-installer-rhel8",
          "product": "Red Hat OpenShift Container Platform Assisted Installer 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3:"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/udi-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_sandboxed_containers:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-sandboxed-containers/osc-must-gather-rhel8",
          "product": "Red Hat Openshift Sandboxed Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_sandboxed_containers:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-sandboxed-containers/osc-rhel8-operator",
          "product": "Red Hat Openshift Sandboxed Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-apiserver",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-apiserver-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-cloner",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-cloner-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-controller",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-importer",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-importer-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-operator",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-operator-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadproxy",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadproxy-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadserver",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/virt-cdi-uploadserver-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "osp-director-provisioner-container",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:quay:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "quay/quay-builder-rhel8",
          "product": "Red Hat Quay 3",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-05-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the github.com/containers/image library. This flaw allows attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-354",
              "description": "Improper Validation of Integrity Check Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-23T20:01:49.040Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:0045",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:0045"
        },
        {
          "name": "RHSA-2024:3718",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3718"
        },
        {
          "name": "RHSA-2024:4159",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4159"
        },
        {
          "name": "RHSA-2024:4613",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4613"
        },
        {
          "name": "RHSA-2024:4850",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4850"
        },
        {
          "name": "RHSA-2024:4960",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4960"
        },
        {
          "name": "RHSA-2024:5258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5258"
        },
        {
          "name": "RHSA-2024:5951",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5951"
        },
        {
          "name": "RHSA-2024:6054",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6054"
        },
        {
          "name": "RHSA-2024:6122",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6122"
        },
        {
          "name": "RHSA-2024:6708",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6708"
        },
        {
          "name": "RHSA-2024:6818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6818"
        },
        {
          "name": "RHSA-2024:6824",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6824"
        },
        {
          "name": "RHSA-2024:7164",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7164"
        },
        {
          "name": "RHSA-2024:7174",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7174"
        },
        {
          "name": "RHSA-2024:7182",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7182"
        },
        {
          "name": "RHSA-2024:7187",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7187"
        },
        {
          "name": "RHSA-2024:7922",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7922"
        },
        {
          "name": "RHSA-2024:7941",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7941"
        },
        {
          "name": "RHSA-2024:8260",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8260"
        },
        {
          "name": "RHSA-2024:8425",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8425"
        },
        {
          "name": "RHSA-2024:9097",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9097"
        },
        {
          "name": "RHSA-2024:9098",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9098"
        },
        {
          "name": "RHSA-2024:9102",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9102"
        },
        {
          "name": "RHSA-2024:9960",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9960"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3727"
        },
        {
          "name": "RHBZ#2274767",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274767"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-12T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Containers/image: digest type does not guarantee valid type",
      "x_redhatCweChain": "CWE-354: Improper Validation of Integrity Check Value"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3727",
    "datePublished": "2024-05-09T14:57:21.327Z",
    "dateReserved": "2024-04-12T17:56:37.261Z",
    "dateUpdated": "2025-07-23T20:01:49.040Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26465 (GCVE-0-2025-26465)
Vulnerability from cvelistv5
Published
2025-02-18 18:27
Modified
2025-08-14 13:06
CWE
  • CWE-390 - Detection of Error Condition Without Action
Summary
A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.
References
Impacted products
Vendor Product Version
Version: 6.8p1   <
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-45.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-45.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:8.7p1-38.el9_4.5   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:f33991d766b618a128fb99fbe4f9b61c5004f7c6aa73b2b38e28d59e56c64d63   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-03-03T17:48:15.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00020.html"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/02/18/1"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/02/18/4"
          },
          {
            "url": "https://www.theregister.com/2025/02/18/openssh_vulnerabilities_mitm_dos/"
          },
          {
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1237040"
          },
          {
            "url": "https://security-tracker.debian.org/tracker/CVE-2025-26465"
          },
          {
            "url": "https://ftp.openbsd.org/pub/OpenBSD/patches/7.6/common/008_ssh.patch.sig"
          },
          {
            "url": "https://ubuntu.com/security/CVE-2025-26465"
          },
          {
            "url": "https://www.openssh.com/releasenotes.html#9.9p2"
          },
          {
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2025/02/18/qualys-tru-discovers-two-vulnerabilities-in-openssh-cve-2025-26465-cve-2025-26466"
          },
          {
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-February/000161.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250228-0003/"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-26465-detect-vulnerable-openssh"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/cve-2025-26465-mitigate-vulnerable-openssh"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26465",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T15:02:09.369445Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T15:02:45.555Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://seclists.org/oss-sec/2025/q1/144"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.9p1",
              "status": "affected",
              "version": "6.8p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-45.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-45.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:f33991d766b618a128fb99fbe4f9b61c5004f7c6aa73b2b38e28d59e56c64d63",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client\u0027s memory resource first, turning the attack complexity high."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-390",
              "description": "Detection of Error Condition Without Action",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T13:06:48.611Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:3837",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3837"
        },
        {
          "name": "RHSA-2025:6993",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6993"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26465"
        },
        {
          "name": "RHBZ#2344780",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344780"
        },
        {
          "url": "https://seclists.org/oss-sec/2025/q1/144"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-10T21:56:03.853000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-390: Detection of Error Condition Without Action"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26465",
    "datePublished": "2025-02-18T18:27:16.843Z",
    "dateReserved": "2025-02-10T18:31:47.978Z",
    "dateUpdated": "2025-08-14T13:06:48.611Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9341 (GCVE-0-2024-9341)
Vulnerability from cvelistv5
Published
2024-10-01 18:52
Modified
2025-08-02 22:29
CWE
  • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Summary
A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system.
References
https://access.redhat.com/errata/RHSA-2024:10147 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10818 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7925 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8039 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8112 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8238 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8263 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8428 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8690 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8694 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8846 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9341 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2315691 issue-tracking, x_refsource_REDHAT
https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169
https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241023085649.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-13.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.33.9-1.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-5.rhaos4.12.git53dc492.el9   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
    cpe:/a:redhat:openshift_ironic:4.12::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-26.rhaos4.13.giteb3d487.el9   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.8-10.rhaos4.14.git807f92c.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.11-5.rhaos4.15.git35a2431.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.9-5.rhaos4.16.git34690b9.el8   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411201433-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 0:1.30.6-3.rhaos4.17.git49b5172.el8   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202412040832-0   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9341",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-01T19:23:28.683055Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-01T19:23:37.158Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/common",
          "defaultStatus": "unaffected",
          "packageName": "github.com/containers/common",
          "versions": [
            {
              "lessThan": "0.60.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020241023085649.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-13.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.9-1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:5.2.2-9.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.5-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8",
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift_ironic:4.12::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.25.5-5.rhaos4.12.git53dc492.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.26.5-26.rhaos4.13.giteb3d487.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.27.8-10.rhaos4.14.git807f92c.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.28.11-5.rhaos4.15.git35a2431.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.29.9-5.rhaos4.16.git34690b9.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202411201433-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9",
            "cpe:/a:redhat:openshift:4.17::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.30.6-3.rhaos4.17.git49b5172.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "417.94.202412040832-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Paul Holzinger for reporting this issue."
        }
      ],
      "datePublic": "2024-10-01T15:45:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Go. When FIPS mode is enabled on a system, container runtimes may incorrectly handle certain file paths due to improper validation in the containers/common Go library. This flaw allows an attacker to exploit symbolic links and trick the system into mounting sensitive host directories inside a container. This issue also allows attackers to access critical host files, bypassing the intended isolation between containers and the host system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-02T22:29:53.388Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10147",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10147"
        },
        {
          "name": "RHSA-2024:10818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10818"
        },
        {
          "name": "RHSA-2024:7925",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7925"
        },
        {
          "name": "RHSA-2024:8039",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8039"
        },
        {
          "name": "RHSA-2024:8112",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8112"
        },
        {
          "name": "RHSA-2024:8238",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8238"
        },
        {
          "name": "RHSA-2024:8263",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8263"
        },
        {
          "name": "RHSA-2024:8428",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8428"
        },
        {
          "name": "RHSA-2024:8690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8690"
        },
        {
          "name": "RHSA-2024:8694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8694"
        },
        {
          "name": "RHSA-2024:8846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8846"
        },
        {
          "name": "RHSA-2024:9454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9454"
        },
        {
          "name": "RHSA-2024:9459",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9459"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9341"
        },
        {
          "name": "RHBZ#2315691",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315691"
        },
        {
          "url": "https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L169"
        },
        {
          "url": "https://github.com/containers/common/blob/384f77532f67afc8a73d8e0c4adb0d195df57714/pkg/subscriptions/subscriptions.go#L349"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-30T15:18:57.587000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-01T15:45:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Podman: buildah: cri-o: fips crypto-policy directory mounting issue in containers/common go library",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9341",
    "datePublished": "2024-10-01T18:52:00.686Z",
    "dateReserved": "2024-09-30T15:19:22.496Z",
    "dateUpdated": "2025-08-02T22:29:53.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26601 (GCVE-0-2025-26601)
Vulnerability from cvelistv5
Published
2025-02-25 15:55
Modified
2025-07-29 00:20
CWE
Summary
A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26601 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345251 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26601",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T16:08:41.554166Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T16:08:49.344Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-16T23:03:10.687Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250516-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in X.Org and Xwayland. When changing an alarm, the values of the change mask are evaluated one after the other, changing the trigger values as requested, and eventually, SyncInitTrigger() is called. If one of the changes triggers an error, the function will return early, not adding the new sync object, possibly causing a use-after-free when the alarm eventually triggers."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:20:44.450Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26601"
        },
        {
          "name": "RHBZ#2345251",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345251"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:18:30.820000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: use-after-free in syncinittrigger()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26601",
    "datePublished": "2025-02-25T15:55:36.775Z",
    "dateReserved": "2025-02-12T14:12:22.796Z",
    "dateUpdated": "2025-07-29T00:20:44.450Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3094 (GCVE-0-2024-3094)
Vulnerability from cvelistv5
Published
2024-03-29 16:51
Modified
2025-07-05 02:25
Severity ?
CWE
  • CWE-506 - Embedded Malicious Code
Summary
Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library.
Impacted products
Vendor Product Version
Version: 5.6.0
Version: 5.6.1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3094",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-02T04:00:23.138684Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-30T15:37:17.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:32:42.679Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ariadne.space/2024/04/02/the-xz-utils-backdoor-is-a-symptom-of-a-larger-problem/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://aws.amazon.com/security/security-bulletins/AWS-2024-002/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.netbsd.org/tnf/entry/statement_on_backdoor_in_xz"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://boehs.org/node/everything-i-know-about-the-xz-backdoor"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugs.gentoo.org/928134"
          },
          {
            "name": "RHBZ#2272210",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272210"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222124"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://discourse.nixos.org/t/cve-2024-3094-malicious-code-in-xz-5-6-0-and-5-6-1-tarballs/42405"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-rxwq-x6h5-x525"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/amlweems/xzbot"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/karcherm/xz-malware"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gynvael.coldwind.pl/?lang=en\u0026id=782"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-security-announce/2024/msg00057.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.freebsd.org/archives/freebsd-security/2024-March/000248.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lwn.net/Articles/967180/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=39865810"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=39877267"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=39895344"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://openssf.org/blog/2024/03/30/xz-backdoor-cve-2024-3094/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://research.swtch.com/xz-script"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://research.swtch.com/xz-timeline"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.alpinelinux.org/vuln/CVE-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.archlinux.org/CVE-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240402-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://tukaani.org/xz-backdoor/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/LetsDefendIO/status/1774804387417751958"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/debian/status/1774219194638409898"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/infosecb/status/1774595540233167206"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/infosecb/status/1774597228864139400"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.cisa.gov/news-events/alerts/2024/03/29/reported-supply-chain-compromise-affecting-xz-utils-data-compression-library-cve-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.darkreading.com/vulnerabilities-threats/are-you-affected-by-the-backdoor-in-xz-utils"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.kali.org/blog/about-the-xz-backdoor/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2024/03/29/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.tenable.com/blog/frequently-asked-questions-cve-2024-3094-supply-chain-backdoor-in-xz-utils"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2024/03/29/malicious_backdoor_xz/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.vicarius.io/vsociety/vulnerabilities/cve-2024-3094"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://xeiaso.net/notes/2024/xz-vuln/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/30/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/30/27"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/29/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/29/10"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/30/36"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/16/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/29/8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/30/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/29/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/29/4"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/tukaani-project/xz",
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "versions": [
            {
              "status": "affected",
              "version": "5.6.0"
            },
            {
              "status": "affected",
              "version": "5.6.1"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xz",
          "product": "Red Hat JBoss Enterprise Application Platform 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Andres Freund for reporting this issue."
        }
      ],
      "datePublic": "2024-03-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. \r\nThrough a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code, which is then used to modify specific functions in the liblzma code. This results in a modified liblzma library that can be used by any software linked against this library, intercepting and modifying the data interaction with this library."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Critical"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-506",
              "description": "Embedded Malicious Code",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T02:25:44.391Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3094"
        },
        {
          "name": "RHBZ#2272210",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272210"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/03/29/4"
        },
        {
          "url": "https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-27T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-29T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xz: malicious code in distributed source",
      "x_redhatCweChain": "CWE-506: Embedded Malicious Code"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3094",
    "datePublished": "2024-03-29T16:51:12.588Z",
    "dateReserved": "2024-03-29T15:38:13.249Z",
    "dateUpdated": "2025-07-05T02:25:44.391Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45618 (GCVE-0-2024-45618)
Vulnerability from cvelistv5
Published
2024-09-03 21:21
Modified
2025-07-29 14:17
CWE
  • CWE-457 - Use of Uninitialized Variable
Summary
A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. Insufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45618",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:28:34.094182Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:28:44.379Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "affected",
          "packageName": "libopensc"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in pkcs15-init in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. \n\nInsufficient or missing checking of return values of functions leads to unexpected work with variables that have not been initialized."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-457",
              "description": "Use of Uninitialized Variable",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:17:32.036Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45618"
        },
        {
          "name": "RHBZ#2309287",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309287"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-02T18:12:45.252000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: uninitialized values after incorrect or missing checking return values of functions in pkcs15init",
      "x_redhatCweChain": "CWE-457: Use of Uninitialized Variable"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45618",
    "datePublished": "2024-09-03T21:21:25.869Z",
    "dateReserved": "2024-09-02T18:28:35.896Z",
    "dateUpdated": "2025-07-29T14:17:32.036Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45770 (GCVE-0-2024-45770)
Vulnerability from cvelistv5
Published
2024-09-19 08:45
Modified
2025-05-21 18:28
CWE
  • CWE-59 - Improper Link Resolution Before File Access ('Link Following')
Summary
A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges.
References
https://access.redhat.com/errata/RHSA-2024:6837 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6840 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6842 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6843 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6844 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6846 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6847 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6848 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9452 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45770 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2310451 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:5.3.7-22.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:5.0.2-9.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:5.2.5-8.el8_4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:5.2.5-8.el8_4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:5.2.5-8.el8_4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:5.3.5-10.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:5.3.5-10.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:5.3.5-10.el8_6   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:5.3.7-19.el8_8   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:6.2.0-5.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:6.2.2-7.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:5.3.5-10.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:6.0.1-8.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45770",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-19T13:39:14.632000Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-19T13:39:25.166Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/performancecopilot/pcp",
          "defaultStatus": "affected",
          "packageName": "pcp"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.7-22.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.0.2-9.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-8.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-8.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.2.5-8.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.7-19.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.2.0-5.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.2.2-7.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.3.5-10.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:6.0.1-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "pcp",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Performance Co-Pilot (PCP). This flaw can only be exploited if an attacker has access to a compromised PCP system account. The issue is related to the pmpost tool, which is used to log messages in the system. Under certain conditions, it runs with high-level privileges."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-59",
              "description": "Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-21T18:28:22.586Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:6837",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6837"
        },
        {
          "name": "RHSA-2024:6840",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6840"
        },
        {
          "name": "RHSA-2024:6842",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6842"
        },
        {
          "name": "RHSA-2024:6843",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6843"
        },
        {
          "name": "RHSA-2024:6844",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6844"
        },
        {
          "name": "RHSA-2024:6846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6846"
        },
        {
          "name": "RHSA-2024:6847",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6847"
        },
        {
          "name": "RHSA-2024:6848",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6848"
        },
        {
          "name": "RHSA-2024:9452",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9452"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45770"
        },
        {
          "name": "RHBZ#2310451",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310451"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-06T17:11:36.280000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Pcp: pmpost symlink attack allows escalating pcp to root user",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-59: Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45770",
    "datePublished": "2024-09-19T08:45:37.303Z",
    "dateReserved": "2024-09-06T14:56:44.790Z",
    "dateUpdated": "2025-05-21T18:28:22.586Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45782 (GCVE-0-2024-45782)
Vulnerability from cvelistv5
Published
2025-03-03 17:05
Modified
2025-07-29 09:41
CWE
Summary
A flaw was found in the HFS filesystem. When reading an HFS volume's name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name's length. This issue may read to a heap-based out-of-bounds writer, impacting grub's sensitive data integrity and eventually leading to a secure boot protection bypass.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45782",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T16:16:37.826730Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T16:16:50.200Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the HFS filesystem. When reading an HFS volume\u0027s name at grub_fs_mount(), the HFS filesystem driver performs a strcpy() using the user-provided volume name as input without properly validating the volume name\u0027s length. This issue may read to a heap-based out-of-bounds writer, impacting grub\u0027s sensitive data integrity and eventually leading to a secure boot protection bypass."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:41:42.997Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45782"
        },
        {
          "name": "RHBZ#2345858",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345858"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-14T21:43:49.029000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/hfs: strcpy() using the volume name (fs/hfs.c:382)",
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45782",
    "datePublished": "2025-03-03T17:05:25.397Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:41:42.997Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49795 (GCVE-0-2025-49795)
Vulnerability from cvelistv5
Published
2025-06-16 15:19
Modified
2025-07-24 12:07
CWE
  • CWE-825 - Expired Pointer Dereference
Summary
A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service.
References
https://access.redhat.com/errata/RHSA-2025:10630 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49795 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2372379 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.12.5-7.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49795",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-16T15:30:23.392664Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-16T15:30:39.969Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.12.5-7.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A NULL pointer dereference vulnerability was found in libxml2 when processing XPath XML expressions. This flaw allows an attacker to craft a malicious XML input to libxml2, leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-825",
              "description": "Expired Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-24T12:07:32.124Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10630"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49795"
        },
        {
          "name": "RHBZ#2372379",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372379"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-12T00:31:08.194000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-11T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxml: null pointer dereference leads to denial of service (dos)",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation is either unavailable or does not meet Red Hat Product Security standards for usability, deployment, applicability, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-825: Expired Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49795",
    "datePublished": "2025-06-16T15:19:29.871Z",
    "dateReserved": "2025-06-10T22:17:05.286Z",
    "dateUpdated": "2025-07-24T12:07:32.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45774 (GCVE-0-2024-45774)
Vulnerability from cvelistv5
Published
2025-02-18 18:25
Modified
2025-07-29 09:39
CWE
Summary
A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded.
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45774",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-18T18:54:05.276428Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T18:54:56.634Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://ftp.gnu.org/gnu/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:39:10.746Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45774"
        },
        {
          "name": "RHBZ#2337461",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2337461"
        },
        {
          "url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-01-13T22:37:58.096000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: reader/jpeg: heap oob write during jpeg parsing",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not process untrusted JPEG files with grub2."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45774",
    "datePublished": "2025-02-18T18:25:09.511Z",
    "dateReserved": "2024-09-08T01:57:12.947Z",
    "dateUpdated": "2025-07-29T09:39:10.746Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5914 (GCVE-0-2025-5914)
Vulnerability from cvelistv5
Published
2025-06-09 19:53
Modified
2025-08-12 10:41
CWE
Summary
A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5914",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-10T15:14:35.773233Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-10T15:30:42.589Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/libarchive/libarchive/pull/2598"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in the libarchive library, specifically within the archive_read_format_rar_seek_data() function. This flaw involves an integer overflow that can ultimately lead to a double-free condition. Exploiting a double-free vulnerability can result in memory corruption, enabling an attacker to execute arbitrary code or cause a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "Double Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T10:41:46.176Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5914"
        },
        {
          "name": "RHBZ#2370861",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370861"
        },
        {
          "url": "https://github.com/libarchive/libarchive/pull/2598"
        },
        {
          "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-06T17:58:25.491000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libarchive: double free at archive_read_format_rar_seek_data() in archive_read_support_format_rar.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements."
        }
      ],
      "x_redhatCweChain": "CWE-190-\u003eCWE-415: Integer Overflow or Wraparound leads to Double Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5914",
    "datePublished": "2025-06-09T19:53:48.923Z",
    "dateReserved": "2025-06-09T08:10:18.779Z",
    "dateUpdated": "2025-08-12T10:41:46.176Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6395 (GCVE-0-2025-6395)
Vulnerability from cvelistv5
Published
2025-07-10 15:20
Modified
2025-07-25 18:59
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6395",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T15:32:33.292878Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T16:02:39.265Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnutls.org/",
          "defaultStatus": "unaffected",
          "packageName": "libgnutls",
          "versions": [
            {
              "lessThan": "3.8.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-07-10T07:56:53.029Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite()."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T18:59:17.389Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6395"
        },
        {
          "name": "RHBZ#2376755",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2376755"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-07T09:30:13.037000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T07:56:53.029000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6395",
    "datePublished": "2025-07-10T15:20:46.031Z",
    "dateReserved": "2025-06-20T06:26:20.649Z",
    "dateUpdated": "2025-07-25T18:59:17.389Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45619 (GCVE-0-2024-45619)
Vulnerability from cvelistv5
Published
2024-09-03 21:21
Modified
2025-07-29 14:18
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45619",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:33:55.705414Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:34:06.257Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "affected",
          "packageName": "libopensc"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in OpenSC, OpenSC tools, PKCS#11 module, minidriver, and CTK. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:18:22.141Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45619"
        },
        {
          "name": "RHBZ#2309288",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309288"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-02T18:12:45.660000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: incorrect handling length of buffers or files in libopensc",
      "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45619",
    "datePublished": "2024-09-03T21:21:39.080Z",
    "dateReserved": "2024-09-02T18:28:35.896Z",
    "dateUpdated": "2025-07-29T14:18:22.141Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7345 (GCVE-0-2025-7345)
Vulnerability from cvelistv5
Published
2025-07-08 13:39
Modified
2025-08-07 06:31
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A flaw exists in gdk‑pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib’s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution.
References
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.42.12-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.36.12-7.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.36.12-7.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.42.6-6.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7345",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T13:53:14.454493Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T13:54:32.331Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.42.12-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.36.12-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.36.12-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.42.6-6.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Yifan Zhang (Programming Languages Lab, Peking University) for reporting this issue."
        }
      ],
      "datePublic": "2025-07-08T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw exists in gdk\u2011pixbuf within the gdk_pixbuf__jpeg_image_load_increment function (io-jpeg.c) and in glib\u2019s g_base64_encode_step (glib/gbase64.c). When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory, potentially causing application crashes or arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-07T06:31:17.762Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:12841",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12841"
        },
        {
          "name": "RHSA-2025:12862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12862"
        },
        {
          "name": "RHSA-2025:13315",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13315"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-7345"
        },
        {
          "name": "RHBZ#2377063",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2377063"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/issues/249"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-08T05:57:08.229000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-08T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gdk\u2011pixbuf: heap\u2011buffer\u2011overflow in gdk\u2011pixbuf",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-7345",
    "datePublished": "2025-07-08T13:39:07.949Z",
    "dateReserved": "2025-07-08T06:13:05.999Z",
    "dateUpdated": "2025-08-07T06:31:17.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8197 (GCVE-0-2025-8197)
Vulnerability from cvelistv5

Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465

Show details on NVD website


{
  "containers": {
    "cna": {
      "providerMetadata": {
        "dateUpdated": "2025-08-14T02:15:08.062Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "rejectedReasons": [
        {
          "lang": "en",
          "value": "Maintainers have included reasons at https://gitlab.gnome.org/GNOME/libsoup/-/issues/465"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-8197",
    "datePublished": "2025-07-25T19:19:08.251Z",
    "dateRejected": "2025-08-14T02:15:08.062Z",
    "dateReserved": "2025-07-25T16:15:44.657Z",
    "dateUpdated": "2025-08-14T02:15:08.062Z",
    "state": "REJECTED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31081 (GCVE-0-2024-31081)
Vulnerability from cvelistv5
Published
2024-04-04 13:48
Modified
2025-08-04 21:06
CWE
Summary
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
References
https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-31081 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2271998 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.7.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31081",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-04T16:37:41.931286Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:22:25.941Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:46:04.378Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
          },
          {
            "name": "RHSA-2024:1785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1785"
          },
          {
            "name": "RHSA-2024:2036",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2036"
          },
          {
            "name": "RHSA-2024:2037",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2037"
          },
          {
            "name": "RHSA-2024:2038",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2038"
          },
          {
            "name": "RHSA-2024:2039",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2039"
          },
          {
            "name": "RHSA-2024:2040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2040"
          },
          {
            "name": "RHSA-2024:2041",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2041"
          },
          {
            "name": "RHSA-2024:2042",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2042"
          },
          {
            "name": "RHSA-2024:2080",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2080"
          },
          {
            "name": "RHSA-2024:2616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2616"
          },
          {
            "name": "RHSA-2024:3258",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3258"
          },
          {
            "name": "RHSA-2024:3261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3261"
          },
          {
            "name": "RHSA-2024:3343",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3343"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-31081"
          },
          {
            "name": "RHBZ#2271998",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
          "defaultStatus": "unaffected",
          "packageName": "xorg-server",
          "versions": [
            {
              "status": "affected",
              "version": "1.7.0"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-29.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-33.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-2.el8_9.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-23.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-10.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-16.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer over-read vulnerability was found in the X.org server\u0027s ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker\u0027s inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T21:06:33.284Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1785"
        },
        {
          "name": "RHSA-2024:2036",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2036"
        },
        {
          "name": "RHSA-2024:2037",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2037"
        },
        {
          "name": "RHSA-2024:2038",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2038"
        },
        {
          "name": "RHSA-2024:2039",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2039"
        },
        {
          "name": "RHSA-2024:2040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2040"
        },
        {
          "name": "RHSA-2024:2041",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2041"
        },
        {
          "name": "RHSA-2024:2042",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2042"
        },
        {
          "name": "RHSA-2024:2080",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2080"
        },
        {
          "name": "RHSA-2024:2616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2616"
        },
        {
          "name": "RHSA-2024:3258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3258"
        },
        {
          "name": "RHSA-2024:3261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3261"
        },
        {
          "name": "RHSA-2024:3343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3343"
        },
        {
          "name": "RHSA-2024:9093",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9093"
        },
        {
          "name": "RHSA-2024:9122",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9122"
        },
        {
          "name": "RHSA-2025:12751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12751"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-31081"
        },
        {
          "name": "RHBZ#2271998",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-28T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server: heap buffer overread/data leakage in procxipassivegrabdevice",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-31081",
    "datePublished": "2024-04-04T13:48:12.848Z",
    "dateReserved": "2024-03-28T02:56:55.575Z",
    "dateUpdated": "2025-08-04T21:06:33.284Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-28835 (GCVE-0-2024-28835)
Vulnerability from cvelistv5
Published
2024-03-21 06:13
Modified
2025-05-21 15:18
CWE
Summary
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
Impacted products
Vendor Product Version
Version: 3.8.3
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.7.6-23.el9_3.4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.8.3-4.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.7.6-23.el9_3.4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.8.3-4.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:3.7.6-21.el9_2.3   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-28835",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-21T18:00:08.506389Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:15.160Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-22T12:04:48.736Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/22/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/22/2"
          },
          {
            "name": "RHSA-2024:1879",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1879"
          },
          {
            "name": "RHSA-2024:2570",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2570"
          },
          {
            "name": "RHSA-2024:2889",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2889"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-28835"
          },
          {
            "name": "RHBZ#2269084",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269084"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20241122-0009/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/gnutls/gnutls/",
          "defaultStatus": "unaffected",
          "packageName": "gnutls",
          "versions": [
            {
              "status": "affected",
              "version": "3.8.3"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-23.el9_3.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-23.el9_3.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-21.el9_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-03-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the \"certtool --verify-chain\" command."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-21T15:18:50.131Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1879"
        },
        {
          "name": "RHSA-2024:2570",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2570"
        },
        {
          "name": "RHSA-2024:2889",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2889"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-28835"
        },
        {
          "name": "RHBZ#2269084",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269084"
        },
        {
          "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-11T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-21T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: potential crash during chain building/verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-248: Uncaught Exception"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-28835",
    "datePublished": "2024-03-21T06:13:26.916Z",
    "dateReserved": "2024-03-11T14:43:43.973Z",
    "dateUpdated": "2025-05-21T15:18:50.131Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5148 (GCVE-0-2024-5148)
Vulnerability from cvelistv5
Published
2024-09-02 11:03
Modified
2025-07-05 04:47
CWE
  • CWE-488 - Exposure of Data Element to Wrong Session
Summary
A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition.
Impacted products
Vendor Product Version
Version: 46.alpha   < 46.2
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5148",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-03T15:27:26.435046Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-03T15:27:41.071Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/GNOME/gnome-remote-desktop",
          "defaultStatus": "unaffected",
          "packageName": "gnome-remote-desktop",
          "versions": [
            {
              "lessThan": "46.2",
              "status": "affected",
              "version": "46.alpha",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matthias Gerstner (SUSE) for reporting this issue."
        }
      ],
      "datePublic": "2024-05-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the gnome-remote-desktop package. The gnome-remote-desktop system daemon performs inadequate validation of session agents using D-Bus methods related to transitioning a client connection from the login screen to the user session. As a result, the system RDP TLS certificate and key can be exposed to unauthorized users. This flaw allows a malicious user on the system to take control of the RDP client connection during the login screen-to-user session transition."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-488",
              "description": "Exposure of Data Element to Wrong Session",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T04:47:44.364Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-5148"
        },
        {
          "name": "RHBZ#2282003",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2282003"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/issues/196"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-20T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-21T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnome-remote-desktop: inadequate validation of session agents using d-bus methods may expose rdp tls certificate",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-488: Exposure of Data Element to Wrong Session"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-5148",
    "datePublished": "2024-09-02T11:03:18.235Z",
    "dateReserved": "2024-05-20T18:16:45.718Z",
    "dateUpdated": "2025-07-05T04:47:44.364Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4948 (GCVE-0-2025-4948)
Vulnerability from cvelistv5
Published
2025-05-19 15:55
Modified
2025-07-30 14:57
CWE
  • CWE-191 - Integer Underflow (Wrap or Wraparound)
Summary
A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpectedly, creating a denial-of-service (DoS) risk.
References
https://access.redhat.com/errata/RHSA-2025:8126 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8128 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8132 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8139 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8140 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8252 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8480 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8481 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8482 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8663 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4948 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2367183 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libsoup/-/issues/449
Impacted products
Vendor Product Version
Version: 0    3.6.5
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0.6   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.5   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.5   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.5   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.5   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.5   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4948",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-19T16:53:09.791116Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-19T16:53:17.287Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThanOrEqual": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank fouzhe and zkbytes for reporting this issue."
        }
      ],
      "datePublic": "2025-05-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the soup_multipart_new_from_message() function of the libsoup HTTP library, which is commonly used by GNOME and other applications to handle web communications. The issue occurs when the library processes specially crafted multipart messages. Due to improper validation, an internal calculation can go wrong, leading to an integer underflow. This can cause the program to access invalid memory and crash. As a result, any application or server using libsoup could be forced to exit unexpectedly, creating a denial-of-service (DoS) risk."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-191",
              "description": "Integer Underflow (Wrap or Wraparound)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-30T14:57:22.980Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:8126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8126"
        },
        {
          "name": "RHSA-2025:8128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8128"
        },
        {
          "name": "RHSA-2025:8132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8132"
        },
        {
          "name": "RHSA-2025:8139",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8139"
        },
        {
          "name": "RHSA-2025:8140",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8140"
        },
        {
          "name": "RHSA-2025:8252",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8252"
        },
        {
          "name": "RHSA-2025:8480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8480"
        },
        {
          "name": "RHSA-2025:8481",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8481"
        },
        {
          "name": "RHSA-2025:8482",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8482"
        },
        {
          "name": "RHSA-2025:8663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8663"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4948"
        },
        {
          "name": "RHBZ#2367183",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367183"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/449"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-19T05:22:19.904000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-19T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: integer underflow in soup_multipart_new_from_message() leading to denial of service in libsoup",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this issue, Red Hat recommends avoiding the use of libsoup with untrusted or unauthenticated multipart HTTP message sources until updated packages are available. Administrators can deploy application-level filters or HTTP proxies that reject malformed multipart requests. It is strongly advised to apply vendor-supplied patches as soon as they are released to address this integer underflow vulnerability and restore the stability of affected services."
        }
      ],
      "x_redhatCweChain": "CWE-191: Integer Underflow (Wrap or Wraparound)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4948",
    "datePublished": "2025-05-19T15:55:46.230Z",
    "dateReserved": "2025-05-19T06:24:43.391Z",
    "dateUpdated": "2025-07-30T14:57:22.980Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6237 (GCVE-0-2024-6237)
Vulnerability from cvelistv5
Published
2024-07-09 16:39
Modified
2025-08-03 08:42
CWE
  • CWE-230 - Improper Handling of Missing Values
Summary
A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Directory Server 12.4 for RHEL 9 Unaffected: 9040020240723122852.1674d574   < *
    cpe:/a:redhat:directory_server:12.4::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.4.5-9.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Directory Server 11     cpe:/a:redhat:directory_server:11
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6237",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-13T20:16:20.543543Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-13T20:16:27.843Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:33:05.243Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6237"
          },
          {
            "name": "RHBZ#2293579",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293579"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/389ds/389-ds-base/issues/5989"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/389ds/389-ds-base",
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "versions": [
            {
              "lessThan": "2.4.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12",
          "product": "Red Hat Directory Server 12.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9040020240723122852.1674d574",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.5-9.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11"
          ],
          "defaultStatus": "unaffected",
          "packageName": "redhat-ds:11/389-ds-base",
          "product": "Red Hat Directory Server 11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds:1.4/389-ds-base",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-07-09T16:03:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the 389 Directory Server. This flaw allows an unauthenticated user to cause a systematic server crash while sending a specific extended search request, leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-230",
              "description": "Improper Handling of Missing Values",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:42:01.145Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4997",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4997"
        },
        {
          "name": "RHSA-2024:5192",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5192"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6237"
        },
        {
          "name": "RHBZ#2293579",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293579"
        },
        {
          "url": "https://github.com/389ds/389-ds-base/issues/5989"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-20T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-09T16:03:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "389-ds-base: unauthenticated user can trigger a dos by sending a specific extended search request",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-230: Improper Handling of Missing Values"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6237",
    "datePublished": "2024-07-09T16:39:58.810Z",
    "dateReserved": "2024-06-21T02:32:34.022Z",
    "dateUpdated": "2025-08-03T08:42:01.145Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-47711 (GCVE-0-2025-47711)
Vulnerability from cvelistv5
Published
2025-06-09 06:03
Modified
2025-07-29 18:19
CWE
Summary
There's a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service.
References
Impacted products
Vendor Product Version
Version: 1.11.10   
Version: 1.40.0   
Version: 1.42.0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-47711",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-09T18:19:38.672467Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-09T18:19:57.680Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://nbdkit.org/",
          "defaultStatus": "unaffected",
          "packageName": "nbdkit",
          "versions": [
            {
              "lessThan": "1.38.6",
              "status": "affected",
              "version": "1.11.10",
              "versionType": "semver"
            },
            {
              "lessThan": "1.40.6",
              "status": "affected",
              "version": "1.40.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.42.3",
              "status": "affected",
              "version": "1.42.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "nbdkit",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "nbdkit",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "virt:rhel/nbdkit",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "unknown",
          "packageName": "virt:8.2/nbdkit",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "unknown",
          "packageName": "virt:av/nbdkit",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "nbdkit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "There\u0027s a flaw in the nbdkit server when handling responses from its plugins regarding the status of data blocks. If a client makes a specific request for a very large data range, and a plugin responds with an even larger single block, the nbdkit server can encounter a critical internal error, leading to a denial-of-service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-193",
              "description": "Off-by-one Error",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T18:19:11.669Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-47711"
        },
        {
          "name": "RHBZ#2365687",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365687"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-12T16:59:09.026000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-23T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Nbdkit: nbdkit-server: off-by-one error when processing block status may lead to a denial of service",
      "x_redhatCweChain": "CWE-193: Off-by-one Error"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-47711",
    "datePublished": "2025-06-09T06:03:47.063Z",
    "dateReserved": "2025-05-07T21:08:45.449Z",
    "dateUpdated": "2025-07-29T18:19:11.669Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5372 (GCVE-0-2025-5372)
Vulnerability from cvelistv5
Published
2025-07-04 06:01
Modified
2025-07-31 17:14
CWE
Summary
A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success—the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions' confidentiality, integrity, and availability.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5372",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-08T14:08:57.301926Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T14:09:04.669Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libssh versions built with OpenSSL versions older than 3.0, specifically in the ssh_kdf() function responsible for key derivation. Due to inconsistent interpretation of return values where OpenSSL uses 0 to indicate failure and libssh uses 0 for success\u2014the function may mistakenly return a success status even when key derivation fails. This results in uninitialized cryptographic key buffers being used in subsequent communication, potentially compromising SSH sessions\u0027 confidentiality, integrity, and availability."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-682",
              "description": "Incorrect Calculation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-31T17:14:53.414Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5372"
        },
        {
          "name": "RHBZ#2369388",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369388"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-30T11:26:05.731000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libssh: incorrect return code handling in ssh_kdf() in libssh",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate this issue, administrators should ensure that libssh is built against OpenSSL version 3.0 or later. This change eliminates the return code mismatch and prevents the erroneous use of uninitialized key material. It is also strongly recommended to apply vendor supplied patches or update to the latest libssh security release as soon as possible."
        }
      ],
      "x_redhatCweChain": "CWE-682: Incorrect Calculation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5372",
    "datePublished": "2025-07-04T06:01:27.954Z",
    "dateReserved": "2025-05-30T11:22:02.534Z",
    "dateUpdated": "2025-07-31T17:14:53.414Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4945 (GCVE-0-2025-4945)
Vulnerability from cvelistv5
Published
2025-05-19 17:03
Modified
2025-07-30 17:50
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines.
References
Impacted products
Vendor Product Version
Version: 0    3.6.5
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4945",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-20T14:04:42.401057Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-20T14:04:51.543Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThanOrEqual": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank fouzhe for reporting this issue."
        }
      ],
      "datePublic": "2025-05-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the cookie parsing logic of the libsoup HTTP library, used in GNOME applications and other software. The vulnerability arises when processing the expiration date of cookies, where a specially crafted value can trigger an integer overflow. This may result in undefined behavior, allowing an attacker to bypass cookie expiration logic, causing persistent or unintended cookie behavior. The issue stems from improper validation of large integer inputs during date arithmetic operations within the cookie parsing routines."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-30T17:50:36.254Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4945"
        },
        {
          "name": "RHBZ#2367175",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367175"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-19T04:35:01.994000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-19T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: integer overflow in cookie expiration date handling in libsoup",
      "workarounds": [
        {
          "lang": "en",
          "value": "To mitigate the risk associated with this libsoup vulnerability, Red Hat recommends avoiding interactions between client applications using the libsoup library and untrusted or compromised HTTP servers until a patched version of libsoup is deployed. Users and administrators should monitor their systems for suspicious HTTP activity and apply vendor updates as soon as a fix becomes available to prevent manipulation of cookie expiration logic that could lead to unexpected behavior or policy circumvention."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4945",
    "datePublished": "2025-05-19T17:03:09.472Z",
    "dateReserved": "2025-05-19T04:46:20.918Z",
    "dateUpdated": "2025-07-30T17:50:36.254Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5222 (GCVE-0-2025-5222)
Vulnerability from cvelistv5
Published
2025-05-27 20:51
Modified
2025-07-31 04:59
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution.
References
https://access.redhat.com/errata/RHSA-2025:11888 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12083 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12331 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12332 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12333 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-5222 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2368600 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:74.2-5.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:67.1-10.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:67.1-10.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:67.1-10.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
    cpe:/o:redhat:rhel_e4s:9.0::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:67.1-10.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
    cpe:/o:redhat:rhel_e4s:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:67.1-10.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5222",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-28T13:49:29.931272Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-28T13:49:36.203Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-06-15T23:02:56.243Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00015.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://unicode-org.atlassian.net/",
          "defaultStatus": "unaffected",
          "packageName": "icu",
          "versions": [
            {
              "lessThan": "78.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:74.2-5.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:67.1-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:67.1-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:67.1-10.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:67.1-10.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:67.1-10.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "icu",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-icu",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the \u0027subtag\u0027 struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-31T04:59:35.421Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:11888",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11888"
        },
        {
          "name": "RHSA-2025:12083",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12083"
        },
        {
          "name": "RHSA-2025:12331",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12331"
        },
        {
          "name": "RHSA-2025:12332",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12332"
        },
        {
          "name": "RHSA-2025:12333",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12333"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5222"
        },
        {
          "name": "RHBZ#2368600",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2368600"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-26T13:39:54.361000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Icu: stack buffer overflow in the srbroot::addtag function",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5222",
    "datePublished": "2025-05-27T20:51:50.958Z",
    "dateReserved": "2025-05-26T14:41:58.427Z",
    "dateUpdated": "2025-07-31T04:59:35.421Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12086 (GCVE-0-2024-12086)
Vulnerability from cvelistv5
Published
2025-01-14 17:37
Modified
2025-07-29 09:31
CWE
  • CWE-390 - Detection of Error Condition Without Action
Summary
A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client's machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12086",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T14:14:25.165183Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T14:20:53.620Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RsyncProject/rsync",
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue."
        }
      ],
      "datePublic": "2025-01-14T15:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in rsync. It could allow a server to enumerate the contents of an arbitrary file from the client\u0027s machine. This issue occurs when files are being copied from a client to a server. During this process, the rsync server will send checksums of local data to the client to compare with in order to determine what data needs to be sent to the server. By sending specially constructed checksum values for arbitrary files, an attacker may be able to reconstruct the data of those files byte-by-byte based on the responses from the client."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-390",
              "description": "Detection of Error Condition Without Action",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:31:17.273Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12086"
        },
        {
          "name": "RHBZ#2330577",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330577"
        },
        {
          "url": "https://kb.cert.org/vuls/id/952657"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-05T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-14T15:06:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rsync: rsync server leaks arbitrary client files",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-390: Detection of Error Condition Without Action"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12086",
    "datePublished": "2025-01-14T17:37:54.960Z",
    "dateReserved": "2024-12-03T08:57:58.397Z",
    "dateUpdated": "2025-07-29T09:31:17.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32251 (GCVE-0-2023-32251)
Vulnerability from cvelistv5
Published
2025-07-31 20:44
Modified
2025-08-01 13:29
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
Summary
A vulnerability has been identified in the Linux kernel's ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms.
Impacted products
Vendor Product Version
Version: 0
Version: 6.0.0
Version: 6.1.0
Version: 6.2.0
Version: 6.3.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32251",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-01T13:29:42.668582Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-01T13:29:57.568Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/",
          "defaultStatus": "unaffected",
          "packageName": "linux",
          "versions": [
            {
              "lessThan": "5.15.145",
              "status": "affected",
              "version": "0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.0.*",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.1.29",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.2.16",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.3.2",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semvar"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-05-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in the Linux kernel\u0027s ksmbd component (kernel SMB/CIFS server). A security control designed to prevent dictionary attacks, which introduces a 5-second delay during session setup, can be bypassed through the use of asynchronous requests. This bypass negates the intended anti-brute-force protection, potentially allowing attackers to conduct dictionary attacks more efficiently against user credentials or other authentication mechanisms."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T00:50:43.166Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b096d97f47326b1e2dbdef1c91fab69ffda54d17"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-699/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-31T19:56:30.351000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-05-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: ksmbd brute force delay bypass via asynchronous requests",
      "x_redhatCweChain": "CWE-307: Improper Restriction of Excessive Authentication Attempts"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-32251",
    "datePublished": "2025-07-31T20:44:02.968Z",
    "dateReserved": "2023-05-05T10:00:07.895Z",
    "dateUpdated": "2025-08-01T13:29:57.568Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6032 (GCVE-0-2025-6032)
Vulnerability from cvelistv5
Published
2025-06-24 13:50
Modified
2025-07-30 22:14
CWE
  • CWE-295 - Improper Certificate Validation
Summary
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.
References
https://access.redhat.com/errata/RHSA-2025:10295 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10549 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10550 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10551 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10668 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11363 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11677 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11681 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9726 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9751 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9766 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-6032 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2372501 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 6:5.4.0-12.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020250625105344.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 5:5.4.0-12.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 4:4.9.4-18.el9_4.2   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-14.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202507222002-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-8.rhaos4.17.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 418.94.202507221927-0   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 5:5.2.2-9.rhaos4.18.el9   < *
    cpe:/a:redhat:openshift:4.18::el8
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.19 Unaffected: 4.19.9.6.202507152218-0   < *
    cpe:/a:redhat:openshift:4.19::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.19 Unaffected: 5:5.4.0-6.rhaos4.19.el9   < *
    cpe:/a:redhat:openshift:4.19::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6032",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-24T14:11:17.749372Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-24T14:12:10.372Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "6:5.4.0-12.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020250625105344.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.4.0-12.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-18.el9_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-14.rhaos4.16.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202507222002-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9",
            "cpe:/a:redhat:openshift:4.17::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.2.2-8.rhaos4.17.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "418.94.202507221927-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el8",
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.2.2-9.rhaos4.18.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.19::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.19",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.19.9.6.202507152218-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.19::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.19",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.4.0-6.rhaos4.19.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Paul Holzinger (Red Hat Inc.)."
        }
      ],
      "datePublic": "2025-06-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-30T22:14:47.716Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10295",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10295"
        },
        {
          "name": "RHSA-2025:10549",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10549"
        },
        {
          "name": "RHSA-2025:10550",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10550"
        },
        {
          "name": "RHSA-2025:10551",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10551"
        },
        {
          "name": "RHSA-2025:10668",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10668"
        },
        {
          "name": "RHSA-2025:11363",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11363"
        },
        {
          "name": "RHSA-2025:11677",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11677"
        },
        {
          "name": "RHSA-2025:11681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11681"
        },
        {
          "name": "RHSA-2025:9726",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9726"
        },
        {
          "name": "RHSA-2025:9751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9751"
        },
        {
          "name": "RHSA-2025:9766",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9766"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6032"
        },
        {
          "name": "RHBZ#2372501",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372501"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-12T15:14:34.557000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Podman: podman missing tls verification",
      "workarounds": [
        {
          "lang": "en",
          "value": "Download the VM image manually with another tool that verifies the TLS certificate and then pass the local image as a file path to podman, for example:\n\n# podman machine init --image \u003clocal-image-path\u003e"
        }
      ],
      "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6032",
    "datePublished": "2025-06-24T13:50:47.955Z",
    "dateReserved": "2025-06-12T15:21:33.840Z",
    "dateUpdated": "2025-07-30T22:14:47.716Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11831 (GCVE-0-2024-11831)
Vulnerability from cvelistv5
Published
2025-02-10 15:27
Modified
2025-07-23 20:04
CWE
  • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package.
Impacted products
Vendor Product Version
Version: 6.0   
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.4 Unaffected: 4.4.8-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.4::el8
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4.5 Unaffected: 4.5.6-2   < *
    cpe:/a:redhat:advanced_cluster_security:4.5::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.0.112-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat RHODF-4.14-RHEL-9 Unaffected: v4.14.18-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.14::el9
Create a notification for this product.
   Red Hat RHODF-4.14-RHEL-9 Unaffected: v4.14.18-3   < *
    cpe:/a:redhat:openshift_data_foundation:4.14::el9
Create a notification for this product.
   Red Hat RHODF-4.14-RHEL-9 Unaffected: v4.14.18-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.14::el9
Create a notification for this product.
   Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.14-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
   Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.14-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
   Red Hat RHODF-4.15-RHEL-9 Unaffected: v4.15.14-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.15::el9
Create a notification for this product.
   Red Hat RHODF-4.16-RHEL-9 Unaffected: v4.16.10-4   < *
    cpe:/a:redhat:openshift_data_foundation:4.16::el9
Create a notification for this product.
   Red Hat RHODF-4.16-RHEL-9 Unaffected: v4.16.10-4   < *
    cpe:/a:redhat:openshift_data_foundation:4.16::el9
Create a notification for this product.
   Red Hat RHODF-4.16-RHEL-9 Unaffected: v4.16.10-3   < *
    cpe:/a:redhat:openshift_data_foundation:4.16::el9
Create a notification for this product.
   Red Hat RHODF-4.17-RHEL-9 Unaffected: v4.17.7-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.17::el9
Create a notification for this product.
   Red Hat RHODF-4.17-RHEL-9 Unaffected: v4.17.7-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.17::el9
Create a notification for this product.
   Red Hat RHODF-4.17-RHEL-9 Unaffected: v4.17.7-2   < *
    cpe:/a:redhat:openshift_data_foundation:4.17::el9
Create a notification for this product.
   Red Hat RHODF-4.18-RHEL-9 Unaffected: v4.18.2-8   < *
    cpe:/a:redhat:openshift_data_foundation:4.18::el9
Create a notification for this product.
   Red Hat RHODF-4.18-RHEL-9 Unaffected: v4.18.2-7   < *
    cpe:/a:redhat:openshift_data_foundation:4.18::el9
Create a notification for this product.
   Red Hat RHODF-4.18-RHEL-9 Unaffected: v4.18.2-8   < *
    cpe:/a:redhat:openshift_data_foundation:4.18::el9
Create a notification for this product.
   Red Hat Cryostat 3     cpe:/a:redhat:cryostat:3
Create a notification for this product.
   Red Hat Logging Subsystem for Red Hat OpenShift     cpe:/a:redhat:logging:5
Create a notification for this product.
   Red Hat Migration Toolkit for Virtualization     cpe:/a:redhat:migration_toolkit_virtualization:2
Create a notification for this product.
   Red Hat .NET 6.0 on Red Hat Enterprise Linux     cpe:/a:redhat:rhel_dotnet:6.0
Create a notification for this product.
   Red Hat OpenShift Lightspeed     cpe:/a:redhat:openshift_lightspeed
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
Create a notification for this product.
   Red Hat OpenShift Service Mesh 2     cpe:/a:redhat:service_mesh:2
Create a notification for this product.
   Red Hat Red Hat 3scale API Management Platform 2     cpe:/a:redhat:red_hat_3scale_amp:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat build of Apache Camel - HawtIO 4     cpe:/a:redhat:apache_camel_hawtio:4
Create a notification for this product.
   Red Hat Red Hat build of Apicurio Registry 2     cpe:/a:redhat:service_registry:2
Create a notification for this product.
   Red Hat Red Hat build of OptaPlanner 8     cpe:/a:redhat:optaplanner:::el6
Create a notification for this product.
   Red Hat Red Hat Data Grid 8     cpe:/a:redhat:jboss_data_grid:8
Create a notification for this product.
   Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
Create a notification for this product.
   Red Hat Red Hat Discovery 1     cpe:/a:redhat:discovery:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Fuse 7     cpe:/a:redhat:jboss_fuse:7
Create a notification for this product.
   Red Hat Red Hat Integration Camel K 1     cpe:/a:redhat:integration:1
Create a notification for this product.
   Red Hat Red Hat JBoss Enterprise Application Platform 7     cpe:/a:redhat:jboss_enterprise_application_platform:7
Create a notification for this product.
   Red Hat Red Hat JBoss Enterprise Application Platform 8     cpe:/a:redhat:jboss_enterprise_application_platform:8
Create a notification for this product.
   Red Hat Red Hat JBoss Enterprise Application Platform Expansion Pack     cpe:/a:redhat:jbosseapxp
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3     cpe:/a:redhat:openshift_distributed_tracing:3
Create a notification for this product.
   Red Hat Red Hat Process Automation 7     cpe:/a:redhat:jboss_enterprise_bpms_platform:7
Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Single Sign-On 7     cpe:/a:redhat:red_hat_single_sign_on:7
Create a notification for this product.
   Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11831",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T17:08:31.160473Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-10T17:08:44.112Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/yahoo/serialize-javascript",
          "packageName": "serialize-javascript",
          "versions": [
            {
              "lessThan": "6.0.2",
              "status": "affected",
              "version": "6.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.4",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.4.8-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4.5.6-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "dotnet8.0",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.0.112-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-console-rhel9",
          "product": "RHODF-4.14-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.18-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-console-rhel9",
          "product": "RHODF-4.14-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.18-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-console-rhel9",
          "product": "RHODF-4.14-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.18-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-console-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.14-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-console-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.14-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-console-rhel9",
          "product": "RHODF-4.15-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.14-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-console-rhel9",
          "product": "RHODF-4.16-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.10-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-console-rhel9",
          "product": "RHODF-4.16-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.10-4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-console-rhel9",
          "product": "RHODF-4.16-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.10-3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-console-rhel9",
          "product": "RHODF-4.17-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.7-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-console-rhel9",
          "product": "RHODF-4.17-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.7-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-console-rhel9",
          "product": "RHODF-4.17-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.7-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/ocs-client-console-rhel9",
          "product": "RHODF-4.18-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.2-8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-console-rhel9",
          "product": "RHODF-4.18-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.2-7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "odf4/odf-multicluster-console-rhel9",
          "product": "RHODF-4.18-RHEL-9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.2-8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:cryostat:3"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Cryostat 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:logging:5"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-logging/kibana6-rhel8",
          "product": "Logging Subsystem for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:migration_toolkit_virtualization:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "migration-toolkit-virtualization/mtv-console-plugin-rhel9",
          "product": "Migration Toolkit for Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_dotnet:6.0"
          ],
          "defaultStatus": "affected",
          "packageName": "rh-dotnet60-dotnet",
          "product": ".NET 6.0 on Red Hat Enterprise Linux",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_lightspeed"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-lightspeed-beta/lightspeed-console-plugin-rhel9",
          "product": "OpenShift Lightspeed",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-console-plugin-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-hub-api-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-hub-db-migration-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-hub-ui-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:2"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/kiali-ossmc-rhel8",
          "product": "OpenShift Service Mesh 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:2"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/kiali-rhel8",
          "product": "OpenShift Service Mesh 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:red_hat_3scale_amp:2"
          ],
          "defaultStatus": "affected",
          "packageName": "3scale-amp-system-container",
          "product": "Red Hat 3scale API Management Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhacm2/console-rhel8",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "aap-cloud-ui-container",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform-25/lightspeed-rhel8",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "automation-controller",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "automation-eda-controller",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:apache_camel_hawtio:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "serialize-javascript",
          "product": "Red Hat build of Apache Camel - HawtIO 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_registry:2"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Red Hat build of Apicurio Registry 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:optaplanner:::el6"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Red Hat build of OptaPlanner 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_data_grid:8"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Red Hat Data Grid 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhdh:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhdh/rhdh-hub-rhel9",
          "product": "Red Hat Developer Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1"
          ],
          "defaultStatus": "affected",
          "packageName": "discovery-server-container",
          "product": "Red Hat Discovery 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "dotnet8.0",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "dotnet6.0",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "dotnet8.0",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcs",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "dotnet6.0",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "dotnet7.0",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pcs",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_fuse:7"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Red Hat Fuse 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:integration:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "serialize-javascript",
          "product": "Red Hat Integration Camel K 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "serialize-javascript",
          "product": "Red Hat JBoss Enterprise Application Platform 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_application_platform:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "serialize-javascript",
          "product": "Red Hat JBoss Enterprise Application Platform 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jbosseapxp"
          ],
          "defaultStatus": "unaffected",
          "packageName": "serialize-javascript",
          "product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "unaffected",
          "packageName": "odh-dashboard-container",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-dashboard-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-data-science-pipelines-argo-argoexec-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-data-science-pipelines-argo-workflowcontroller-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-kf-notebook-controller-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-ml-pipelines-api-server-v2-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-ml-pipelines-driver-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-ml-pipelines-launcher-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-ml-pipelines-persistenceagent-v2-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-ml-pipelines-scheduledworkflow-v2-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "odh-model-registry-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "unaffected",
          "packageName": "odh-notebook-controller-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "unaffected",
          "packageName": "odh-operator-container",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:3.11"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift3/ose-console",
          "product": "Red Hat OpenShift Container Platform 3.11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openshift4/ose-monitoring-plugin-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3:"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/code-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3:"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/dashboard-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3:"
          ],
          "defaultStatus": "affected",
          "packageName": "devspaces/traefik-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhosdt/jaeger-agent-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rhosdt/jaeger-all-in-one-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhosdt/jaeger-collector-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhosdt/jaeger-es-index-cleaner-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhosdt/jaeger-es-rollover-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhosdt/jaeger-ingester-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3"
          ],
          "defaultStatus": "affected",
          "packageName": "rhosdt/jaeger-query-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Red Hat Process Automation 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:quay:3"
          ],
          "defaultStatus": "affected",
          "packageName": "quay/quay-rhel8",
          "product": "Red Hat Quay 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "nodejs-compression-webpack-plugin",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "nodejs-webpack",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:red_hat_single_sign_on:7"
          ],
          "defaultStatus": "affected",
          "packageName": "serialize-javascript",
          "product": "Red Hat Single Sign-On 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by a web browser, causing Cross-site scripting (XSS) attacks. This issue is critical in environments where serialized data is sent to web clients, potentially compromising the security of the website or web application using this package."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-79",
              "description": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-23T20:04:27.075Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBA-2025:0304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:0304"
        },
        {
          "name": "RHSA-2025:1334",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1334"
        },
        {
          "name": "RHSA-2025:1468",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1468"
        },
        {
          "name": "RHSA-2025:4511",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4511"
        },
        {
          "name": "RHSA-2025:8059",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8059"
        },
        {
          "name": "RHSA-2025:8479",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8479"
        },
        {
          "name": "RHSA-2025:8544",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8544"
        },
        {
          "name": "RHSA-2025:8551",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8551"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-11831"
        },
        {
          "name": "RHBZ#2312579",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2312579"
        },
        {
          "url": "https://github.com/yahoo/serialize-javascript/commit/f27d65d3de42affe2aac14607066c293891cec4e"
        },
        {
          "url": "https://github.com/yahoo/serialize-javascript/pull/173"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-16T16:43:32.021000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-16T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Npm-serialize-javascript: cross-site scripting (xss) in serialize-javascript",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-11831",
    "datePublished": "2025-02-10T15:27:46.732Z",
    "dateReserved": "2024-11-26T18:56:38.187Z",
    "dateUpdated": "2025-07-23T20:04:27.075Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-5342 (GCVE-0-2023-5342)
Vulnerability from cvelistv5
Published
2025-08-15 12:06
Modified
2025-08-15 12:57
CWE
  • CWE-324 - Use of a Key Past its Expiration Date
Summary
The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded.
Impacted products
Vendor Product Version
Version: 15.6-2   < 15.8-2
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-5342",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-15T12:56:07.496868Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-15T12:57:37.246Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://koji.fedoraproject.org/koji/packageinfo?packageID=14502",
          "defaultStatus": "unaffected",
          "packageName": "shim-x64",
          "versions": [
            {
              "lessThan": "15.8-2",
              "status": "affected",
              "version": "15.6-2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "shim",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "shim",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "shim",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "shim",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-03-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The Fedora Secure Boot CA certificate shipped with shim in Fedora was expired which could lead to old or invalid signed boot components being loaded."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-324",
              "description": "Use of a Key Past its Expiration Date",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-15T12:06:35.309Z",
        "orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
        "shortName": "fedora"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-5342"
        },
        {
          "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-2aa28a4cfc"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2198977"
        },
        {
          "name": "RHBZ#2388707",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2388707"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-14T19:49:02.481000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Shim: expired secure boot certificate",
      "x_redhatCweChain": "CWE-324: Use of a Key Past its Expiration Date"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5",
    "assignerShortName": "fedora",
    "cveId": "CVE-2023-5342",
    "datePublished": "2025-08-15T12:06:35.309Z",
    "dateReserved": "2023-10-02T16:08:44.422Z",
    "dateUpdated": "2025-08-15T12:57:37.246Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9355 (GCVE-0-2024-9355)
Vulnerability from cvelistv5
Published
2024-10-01 18:17
Modified
2025-08-04 09:54
CWE
  • CWE-457 - Use of Uninitialized Variable
Summary
A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.  It is also possible to force a derived key to be all zeros instead of an unpredictable value.  This may have follow-on implications for the Go TLS stack.
References
https://access.redhat.com/errata/RHSA-2024:10133 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7550 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8327 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8678 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8847 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9551 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2416 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7118 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7256 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7624 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9355 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2315719 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:0.10-2.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241001112709.a3795dee   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:9.2.10-20.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:5.1.1-9.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.21.13-4.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:9.2.10-19.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:132-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.6.1-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:5.1.1-4.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Satellite Client 6 for RHEL 8 Unaffected: 0:0.3.1-1.el8sat   < *
    cpe:/a:redhat:rhel_satellite_client:6::el9
    cpe:/a:redhat:rhel_satellite_client:6::el8
Create a notification for this product.
   Red Hat Satellite Client 6 for RHEL 9 Unaffected: 0:0.3.1-1.el9sat   < *
    cpe:/a:redhat:rhel_satellite_client:6::el9
    cpe:/a:redhat:rhel_satellite_client:6::el8
Create a notification for this product.
   Red Hat Streams for Apache Kafka 2.9.0     cpe:/a:redhat:amq_streams:2
Create a notification for this product.
   Red Hat NBDE Tang Server     cpe:/a:redhat:network_bound_disk_encryption_tang:1
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 1.2     cpe:/a:redhat:ansible_automation_platform
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2     cpe:/a:redhat:ansible_automation_platform:2
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat Openshift Container Storage 4     cpe:/a:redhat:openshift_container_storage:4
Create a notification for this product.
   Red Hat Red Hat Openshift Data Foundation 4     cpe:/a:redhat:openshift_data_foundation:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Spaces     cpe:/a:redhat:openshift_devspaces:3:
Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
Create a notification for this product.
   Red Hat Red Hat OpenShift on AWS     cpe:/a:redhat:openshift_service_on_aws:1
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Satellite 6     cpe:/a:redhat:satellite:6
Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
Create a notification for this product.
   Red Hat Red Hat Service Interconnect 1     cpe:/a:redhat:service_interconnect:1
Create a notification for this product.
   Red Hat Red Hat Storage 3     cpe:/a:redhat:storage:3
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9355",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-01T18:35:51.670441Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-01T18:37:53.436Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/golang-fips/openssl",
          "defaultStatus": "affected",
          "packageName": "github.com/golang-fips/openssl"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "rhc-worker-script",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.10-2.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "go-toolset:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020241001112709.a3795dee",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.10-20.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.1.1-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "golang",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.21.13-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:9.2.10-19.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:132-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "git-lfs",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.1-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:5.1.1-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_satellite_client:6::el9",
            "cpe:/a:redhat:rhel_satellite_client:6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman_ygg_worker",
          "product": "Satellite Client 6 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.3.1-1.el8sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_satellite_client:6::el9",
            "cpe:/a:redhat:rhel_satellite_client:6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "foreman_ygg_worker",
          "product": "Satellite Client 6 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.3.1-1.el9sat",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:amq_streams:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "golang-github-danielqsj-kafka_exporter",
          "product": "Streams for Apache Kafka 2.9.0",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:network_bound_disk_encryption_tang:1"
          ],
          "defaultStatus": "affected",
          "packageName": "tang-operator-bundle-container",
          "product": "NBDE Tang Server",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "helm",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "odo",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines-client",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-clients",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform"
          ],
          "defaultStatus": "affected",
          "packageName": "helm",
          "product": "Red Hat Ansible Automation Platform 1.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat Ansible Automation Platform 1.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "automation-gateway-proxy",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "affected",
          "packageName": "receptor",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "butane",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "delve",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "git-lfs",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "golang-github-openprinting-ipp-usb",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grafana",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gvisor-tap-vsock",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ignition",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsyslog",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "toolbox",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "yggdrasil",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "yggdrasil-worker-package-manager",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "host-metering",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/buildah",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/conmon",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/containernetworking-plugins",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/podman",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/runc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/skopeo",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/toolbox",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "git-lfs",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "osbuild-composer",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsyslog",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "weldr-client",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "grafana-pcp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gvisor-tap-vsock",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opentelemetry-collector",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsyslog",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "toolbox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "weldr-client",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "butane",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "conmon-rs",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "containernetworking-plugins",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-tools",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-github-prometheus-promu",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "ignition",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "lifecycle-agent-operator-bundle-container",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "microshift",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/bare-metal-event-relay-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/numaresources-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-aws-efs-csi-driver-container-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-gcp-filestore-csi-driver-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-secrets-store-csi-driver-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-sriov-network-metrics-exporter-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-sriov-rdma-cni-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-vertical-pod-autoscaler-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/sriov-network-metrics-exporter-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/topology-aware-lifecycle-manager-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-clients",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "ose-aws-ecr-image-credential-provider",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "ose-azure-acr-image-credential-provider",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "ose-gcp-gcr-image-credential-provider",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "runc",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_container_storage:4"
          ],
          "defaultStatus": "affected",
          "packageName": "mcg",
          "product": "Red Hat Openshift Container Storage 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_data_foundation:4"
          ],
          "defaultStatus": "affected",
          "packageName": "mcg",
          "product": "Red Hat Openshift Data Foundation 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_devspaces:3:"
          ],
          "defaultStatus": "unaffected",
          "packageName": "devspaces/machineexec-rhel8",
          "product": "Red Hat OpenShift Dev Spaces",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-operator-bundle",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_service_on_aws:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rosa",
          "product": "Red Hat OpenShift on AWS",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "kubevirt",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "etcd",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-github-infrawatch-apputils",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-qpid-apache",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "affected",
          "packageName": "qpid-proton",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "affected",
          "packageName": "etcd",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-github-infrawatch-apputils",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "affected",
          "packageName": "golang-qpid-apache",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "affected",
          "packageName": "qpid-proton",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qpid-proton",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "satellite-capsule:el8/qpid-proton",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite:el8/qpid-proton",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "satellite:el8/yggdrasil-worker-forwarder",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:satellite:6"
          ],
          "defaultStatus": "affected",
          "packageName": "yggdrasil-worker-forwarder",
          "product": "Red Hat Satellite 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1"
          ],
          "defaultStatus": "affected",
          "packageName": "qpid-proton",
          "product": "Red Hat Service Interconnect 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1"
          ],
          "defaultStatus": "affected",
          "packageName": "skupper-cli",
          "product": "Red Hat Service Interconnect 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_interconnect:1"
          ],
          "defaultStatus": "affected",
          "packageName": "skupper-router",
          "product": "Red Hat Service Interconnect 1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:storage:3"
          ],
          "defaultStatus": "affected",
          "packageName": "heketi",
          "product": "Red Hat Storage 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/fulcio-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by David Benoit (Red Hat)."
        }
      ],
      "datePublic": "2024-09-30T20:53:42.833Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Golang FIPS OpenSSL. This flaw allows a malicious user to randomly cause an uninitialized buffer length variable with a zeroed buffer to be returned in FIPS mode. It may also be possible to force a false positive match between non-equal hashes when comparing a trusted computed hmac sum to an untrusted input sum if an attacker can send a zeroed buffer in place of a pre-computed sum.\u00a0 It is also possible to force a derived key to be all zeros instead of an unpredictable value.\u00a0 This may have follow-on implications for the Go TLS stack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-457",
              "description": "Use of Uninitialized Variable",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T09:54:49.542Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10133",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10133"
        },
        {
          "name": "RHSA-2024:7502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7502"
        },
        {
          "name": "RHSA-2024:7550",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7550"
        },
        {
          "name": "RHSA-2024:8327",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8327"
        },
        {
          "name": "RHSA-2024:8678",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8678"
        },
        {
          "name": "RHSA-2024:8847",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8847"
        },
        {
          "name": "RHSA-2024:9551",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9551"
        },
        {
          "name": "RHSA-2025:2416",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2416"
        },
        {
          "name": "RHSA-2025:7118",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7118"
        },
        {
          "name": "RHSA-2025:7256",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7256"
        },
        {
          "name": "RHSA-2025:7624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7624"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9355"
        },
        {
          "name": "RHBZ#2315719",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2315719"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-30T17:51:17.811000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-30T20:53:42.833000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Golang-fips: golang fips zeroed buffer",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-457: Use of Uninitialized Variable"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9355",
    "datePublished": "2024-10-01T18:17:29.420Z",
    "dateReserved": "2024-09-30T17:07:30.833Z",
    "dateUpdated": "2025-08-04T09:54:49.542Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3049 (GCVE-0-2024-3049)
Vulnerability from cvelistv5
Published
2024-06-06 05:30
Modified
2025-08-01 15:59
CWE
  • CWE-345 - Insufficient Verification of Data Authenticity
Summary
A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server.
References
https://access.redhat.com/errata/RHSA-2024:3657 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3658 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3659 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3660 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3661 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4400 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4411 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3049 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2272082 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.0-283.1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.1-1.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::highavailability
    cpe:/a:redhat:enterprise_linux:8::resilientstorage
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.0-199.1.ac1d34c.git.el8_4.2   < *
    cpe:/a:redhat:rhel_e4s:8.4::highavailability
    cpe:/a:redhat:rhel_tus:8.4::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.0-199.1.ac1d34c.git.el8_4.2   < *
    cpe:/a:redhat:rhel_e4s:8.4::highavailability
    cpe:/a:redhat:rhel_tus:8.4::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.0-199.1.ac1d34c.git.el8_6.2   < *
    cpe:/a:redhat:rhel_tus:8.6::highavailability
    cpe:/a:redhat:rhel_e4s:8.6::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.0-199.1.ac1d34c.git.el8_6.2   < *
    cpe:/a:redhat:rhel_tus:8.6::highavailability
    cpe:/a:redhat:rhel_e4s:8.6::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.0-283.1.9d4029a.git.el8_8.1   < *
    cpe:/a:redhat:rhel_eus:8.8::resilientstorage
    cpe:/a:redhat:rhel_eus:8.8::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.1-1.el9_4.1   < *
    cpe:/a:redhat:enterprise_linux:9::resilientstorage
    cpe:/a:redhat:enterprise_linux:9::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.0-251.3.bfb2f92.git.el9_0.2   < *
    cpe:/a:redhat:rhel_e4s:9.0::highavailability
    cpe:/a:redhat:rhel_e4s:9.0::resilientstorage
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.0-283.1.9d4029a.git.el9_2.1   < *
    cpe:/a:redhat:rhel_eus:9.2::resilientstorage
    cpe:/a:redhat:rhel_eus:9.2::highavailability
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3049",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-13T20:24:04.305850Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-13T20:24:16.483Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-24T18:03:12.532Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:3657",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3657"
          },
          {
            "name": "RHSA-2024:3658",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3658"
          },
          {
            "name": "RHSA-2024:3659",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3659"
          },
          {
            "name": "RHSA-2024:3660",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3660"
          },
          {
            "name": "RHSA-2024:3661",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3661"
          },
          {
            "name": "RHSA-2024:4400",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4400"
          },
          {
            "name": "RHSA-2024:4411",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4411"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3049"
          },
          {
            "name": "RHBZ#2272082",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ERCFM3HXFJKLEMMWU3CZLPKH5LZAEDAN/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KPK5BHYOB7CFFRQAN55YV5LH44PWHMQD/"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00037.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ClusterLabs/booth",
          "defaultStatus": "unaffected",
          "packageName": "booth",
          "versions": [
            {
              "status": "affected",
              "version": "1.0-283.1"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::highavailability",
            "cpe:/a:redhat:enterprise_linux:8::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1-1.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::highavailability",
            "cpe:/a:redhat:rhel_tus:8.4::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::highavailability",
            "cpe:/a:redhat:rhel_tus:8.4::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-199.1.ac1d34c.git.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::highavailability",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-199.1.ac1d34c.git.el8_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::highavailability",
            "cpe:/a:redhat:rhel_e4s:8.6::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-199.1.ac1d34c.git.el8_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::resilientstorage",
            "cpe:/a:redhat:rhel_eus:8.8::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-283.1.9d4029a.git.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::resilientstorage",
            "cpe:/a:redhat:enterprise_linux:9::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1-1.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::highavailability",
            "cpe:/a:redhat:rhel_e4s:9.0::resilientstorage"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-251.3.bfb2f92.git.el9_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::resilientstorage",
            "cpe:/a:redhat:rhel_eus:9.2::highavailability"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.0-283.1.9d4029a.git.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unknown",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "booth",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-05-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Booth, a cluster ticket manager. If a specially-crafted hash is passed to gcry_md_get_algo_dlen(), it may allow an invalid HMAC to be accepted by the Booth server."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-345",
              "description": "Insufficient Verification of Data Authenticity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T15:59:04.812Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:3657",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3657"
        },
        {
          "name": "RHSA-2024:3658",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3658"
        },
        {
          "name": "RHSA-2024:3659",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3659"
        },
        {
          "name": "RHSA-2024:3660",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3660"
        },
        {
          "name": "RHSA-2024:3661",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3661"
        },
        {
          "name": "RHSA-2024:4400",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4400"
        },
        {
          "name": "RHSA-2024:4411",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4411"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3049"
        },
        {
          "name": "RHBZ#2272082",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272082"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-28T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-27T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Booth: specially crafted hash can lead to invalid hmac being accepted by booth server",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-345: Insufficient Verification of Data Authenticity"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3049",
    "datePublished": "2024-06-06T05:30:04.137Z",
    "dateReserved": "2024-03-28T17:17:50.507Z",
    "dateUpdated": "2025-08-01T15:59:04.812Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49794 (GCVE-0-2025-49794)
Vulnerability from cvelistv5
Published
2025-06-16 15:24
Modified
2025-08-07 08:57
Severity ?
CWE
  • CWE-825 - Expired Pointer Dereference
Summary
A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the <sch:name path="..."/> schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program's crash using libxml or other possible undefined behaviors.
References
https://access.redhat.com/errata/RHSA-2025:10630 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10698 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10699 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11580 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12098 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12099 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12199 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12237 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12239 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12240 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12241 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13335 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49794 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2372373 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.12.5-7.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.9.1-6.el7_9.10   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.9.7-9.el8_2.3   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-9.el8_4.6   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:2.9.7-9.el8_4.6   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.9.7-13.el8_6.10   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:2.9.7-16.el8_8.9   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/o:redhat:rhel_e4s:8.8::baseos
    cpe:/o:redhat:rhel_tus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:2.9.7-16.el8_8.9   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/o:redhat:rhel_e4s:8.8::baseos
    cpe:/o:redhat:rhel_tus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-10.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-10.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.9.13-1.el9_0.5   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.9.13-3.el9_2.7   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
    cpe:/o:redhat:rhel_e4s:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.9.13-10.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d   < *
    cpe:/a:redhat:insights_proxy:1.5::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat JBoss Core Services     cpe:/a:redhat:jboss_core_services:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49794",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-16T15:50:46.041375Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-16T15:51:46.475Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.12.5-7.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.1-6.el7_9.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos",
            "cpe:/o:redhat:rhel_tus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos",
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-1.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-3.el9_2.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-10.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability was found in libxml2. This issue occurs when parsing XPath elements under certain circumstances when the XML schematron has the \u003csch:name path=\"...\"/\u003e schema elements. This flaw allows a malicious actor to craft a malicious XML document used as input for libxml, resulting in the program\u0027s crash using libxml or other possible undefined behaviors."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-825",
              "description": "Expired Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-07T08:57:42.694Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10630",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10630"
        },
        {
          "name": "RHSA-2025:10698",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10698"
        },
        {
          "name": "RHSA-2025:10699",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10699"
        },
        {
          "name": "RHSA-2025:11580",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11580"
        },
        {
          "name": "RHSA-2025:12098",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12098"
        },
        {
          "name": "RHSA-2025:12099",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12099"
        },
        {
          "name": "RHSA-2025:12199",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12199"
        },
        {
          "name": "RHSA-2025:12237",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12237"
        },
        {
          "name": "RHSA-2025:12239",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12239"
        },
        {
          "name": "RHSA-2025:12240",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12240"
        },
        {
          "name": "RHSA-2025:12241",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12241"
        },
        {
          "name": "RHSA-2025:13335",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13335"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49794"
        },
        {
          "name": "RHBZ#2372373",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372373"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-11T21:33:43.044000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxml: heap use after free (uaf) leads to denial of service (dos)",
      "workarounds": [
        {
          "lang": "en",
          "value": "There\u0027s no available mitigation other than avoid processing untrusted XML documents before updating to the libxml version containing the fix."
        }
      ],
      "x_redhatCweChain": "CWE-825: Expired Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49794",
    "datePublished": "2025-06-16T15:24:31.020Z",
    "dateReserved": "2025-06-10T22:17:05.286Z",
    "dateUpdated": "2025-08-07T08:57:42.694Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32907 (GCVE-0-2025-32907)
Vulnerability from cvelistv5
Published
2025-04-14 14:00
Modified
2025-07-29 07:22
CWE
  • CWE-1050 - Excessive Platform Resource Consumption within a Loop
Summary
A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service.
References
https://access.redhat.com/errata/RHSA-2025:4439 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8128 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32907 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359342 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0.6   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32907",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T14:13:20.381645Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T18:06:39.339Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The implementation of HTTP range requests is vulnerable to a resource consumption attack. This flaw allows a malicious client to request the same range many times in a single HTTP request, causing the server to use large amounts of memory. This does not allow for a full denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1050",
              "description": "Excessive Platform Resource Consumption within a Loop",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:22:10.578Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4439"
        },
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8128"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32907"
        },
        {
          "name": "RHBZ#2359342",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359342"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:27:08.699000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: denial of service in server when client requests a large amount of  overlapping ranges with range header",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation was found for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-1050: Excessive Platform Resource Consumption within a Loop"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32907",
    "datePublished": "2025-04-14T14:00:09.723Z",
    "dateReserved": "2025-04-14T01:37:48.152Z",
    "dateUpdated": "2025-07-29T07:22:10.578Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32909 (GCVE-0-2025-32909)
Vulnerability from cvelistv5
Published
2025-04-14 14:42
Modified
2025-07-29 07:22
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash.
References
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32909 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359353 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32909",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T15:33:27.428169Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T15:33:52.698Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. SoupContentSniffer may be vulnerable to a NULL pointer dereference in the sniff_mp4 function. The HTTP server may cause the libsoup client to crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:22:32.499Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32909"
        },
        {
          "name": "RHBZ#2359353",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359353"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:20:58.996000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: null pointer dereference on libsoup through  function \"sniff_mp4\" in soup-content-sniffer.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32909",
    "datePublished": "2025-04-14T14:42:26.433Z",
    "dateReserved": "2025-04-14T01:59:13.827Z",
    "dateUpdated": "2025-07-29T07:22:32.499Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-56826 (GCVE-0-2024-56826)
Vulnerability from cvelistv5
Published
2025-01-09 03:40
Modified
2025-08-03 08:52
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.4.0-8.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-56826",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-09T15:40:54.664195Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-09T15:41:17.638Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/uclouvain/openjpeg",
          "defaultStatus": "unknown",
          "packageName": "openjpeg",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.5.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.0-8.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "gimp:flatpak/openjpeg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Frank Zeng (Huazhong University of Science and Technology) for reporting this issue."
        }
      ],
      "datePublic": "2024-12-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility.  This can lead to an application crash or other undefined behavior."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:52:23.181Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7309"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-56826"
        },
        {
          "name": "RHBZ#2335172",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335172"
        },
        {
          "url": "https://github.com/uclouvain/openjpeg/commit/e492644fbded4c820ca55b5e50e598d346e850e8"
        },
        {
          "url": "https://github.com/uclouvain/openjpeg/issues/1563"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-01-01T16:37:12.963000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-12-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openjpeg: heap buffer overflow in bin/common/color.c",
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-56826",
    "datePublished": "2025-01-09T03:40:24.613Z",
    "dateReserved": "2025-01-01T17:07:45.899Z",
    "dateUpdated": "2025-08-03T08:52:23.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9902 (GCVE-0-2024-9902)
Vulnerability from cvelistv5
Published
2024-11-06 09:56
Modified
2025-07-05 05:28
CWE
  • CWE-863 - Incorrect Authorization
Summary
A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user's home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner.
References
https://access.redhat.com/errata/RHSA-2024:10762 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8969 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9894 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9902 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2318271 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   < 2.14.18rc1
Version: 2.15.0b1   < 2.15.13rc1
Version: 2.16.0b1   < 2.16.13rc1
Version: 2.17.0b1   < 2.17.6rc1
Version: 2.18.0b1   < 2.18.0rc2
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 3.0.1-96   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 3.0.1-95   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.9.27-32   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.18.0-1   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Ansible Automation Platform Execution Environments Unaffected: 2.15.12-17   < *
    cpe:/a:redhat:ansible_automation_platform:ee::el8
    cpe:/a:redhat:ansible_automation_platform:ee::el9
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 8 Unaffected: 1:2.15.13-1.el8ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
    cpe:/a:redhat:ansible_automation_platform:2.4::el8
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.4 for RHEL 9 Unaffected: 1:2.15.13-1.el9ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9
    cpe:/a:redhat:ansible_automation_platform:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8
    cpe:/a:redhat:ansible_automation_platform:2.4::el8
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 8 Unaffected: 1:2.16.13-1.el8ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
Create a notification for this product.
   Red Hat Red Hat Ansible Automation Platform 2.5 for RHEL 9 Unaffected: 1:2.16.13-1.el9ap   < *
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9
    cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8
    cpe:/a:redhat:ansible_automation_platform:2.5::el9
    cpe:/a:redhat:ansible_automation_platform:2.5::el8
    cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1 for RHEL 9 Unaffected: 0:2.14.2-4.6.el9ost   < *
    cpe:/a:redhat:openstack:17.1::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9902",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-06T14:20:56.915379Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-06T14:21:06.565Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/ansible/ansible",
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "versions": [
            {
              "lessThan": "2.14.18rc1",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "lessThan": "2.15.13rc1",
              "status": "affected",
              "version": "2.15.0b1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.16.13rc1",
              "status": "affected",
              "version": "2.16.0b1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.17.6rc1",
              "status": "affected",
              "version": "2.17.0b1",
              "versionType": "custom"
            },
            {
              "lessThan": "2.18.0rc2",
              "status": "affected",
              "version": "2.18.0b1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-96",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ansible-builder-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3.0.1-95",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-29-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.9.27-32",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel8",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.18.0-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:ee::el8",
            "cpe:/a:redhat:ansible_automation_platform:ee::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-automation-platform/ee-minimal-rhel9",
          "product": "Ansible Automation Platform Execution Environments",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.15.12-17",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.15.13-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.4::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.4::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.4::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.15.13-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.13-1.el8ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform_developer:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el9",
            "cpe:/a:redhat:ansible_automation_platform:2.5::el8",
            "cpe:/a:redhat:ansible_automation_platform_inside:2.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "ansible-core",
          "product": "Red Hat Ansible Automation Platform 2.5 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.16.13-1.el9ap",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openstack-ansible-core",
          "product": "Red Hat OpenStack Platform 17.1 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.14.2-4.6.el9ost",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ansible-core",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matt Clay for reporting this issue."
        }
      ],
      "datePublic": "2024-11-06T06:11:25.611Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Ansible. The ansible-core `user` module can allow an unprivileged user to silently create or replace the contents of any file on any system path and take ownership of it when a privileged user executes the `user` module against the unprivileged user\u0027s home directory. If the unprivileged user has traversal permissions on the directory containing the exploited target file, they retain full control over the contents of the file as its owner."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-863",
              "description": "Incorrect Authorization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T05:28:47.293Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10762",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10762"
        },
        {
          "name": "RHSA-2024:8969",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8969"
        },
        {
          "name": "RHSA-2024:9894",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9894"
        },
        {
          "name": "RHSA-2025:1861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1861"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9902"
        },
        {
          "name": "RHBZ#2318271",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318271"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-12T02:41:32.581000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-06T06:11:25.611000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Ansible-core: ansible-core user may read/write unauthorized content",
      "workarounds": [
        {
          "lang": "en",
          "value": "In the play that uses the user module with the key generation option,\nhave a prior task ensuring the public key does not exist for example:\n\n- name: avoid user exploit (change name depending on other options\nused in user task)\nfile: path=/home/{{username}}/.ssh/id_rsa.pub state=absent"
        }
      ],
      "x_redhatCweChain": "CWE-863: Incorrect Authorization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9902",
    "datePublished": "2024-11-06T09:56:54.505Z",
    "dateReserved": "2024-10-12T02:46:57.580Z",
    "dateUpdated": "2025-07-05T05:28:47.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26600 (GCVE-0-2025-26600)
Vulnerability from cvelistv5
Published
2025-02-25 15:55
Modified
2025-07-29 00:20
CWE
Summary
A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26600 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345252 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26600",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T16:16:54.221297Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T16:17:05.872Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-16T23:03:09.157Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250516-0005/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free flaw was found in X.Org and Xwayland. When a device is removed while still frozen, the events queued for that device remain while the device is freed. Replaying the events will cause a use-after-free."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:20:27.674Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26600"
        },
        {
          "name": "RHBZ#2345252",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345252"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:15:01.957000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: use-after-free in playreleasedevents()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26600",
    "datePublished": "2025-02-25T15:55:20.421Z",
    "dateReserved": "2025-02-12T14:12:22.796Z",
    "dateUpdated": "2025-07-29T00:20:27.674Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-31083 (GCVE-0-2024-31083)
Vulnerability from cvelistv5
Published
2024-04-05 12:04
Modified
2025-08-04 21:06
CWE
Summary
A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request.
References
https://access.redhat.com/errata/RHSA-2024:1785 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2036 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2037 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2038 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2039 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2040 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2041 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2042 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2080 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2616 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3261 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9093 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9122 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12751 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-31083 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2272000 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 21.1.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.13   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.20.4-29.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.8.0-33.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::server
    cpe:/o:redhat:enterprise_linux:7::workstation
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-2.el8_9.10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-23.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-10.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-16.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Telecommunications Update Service Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions Unaffected: 0:1.9.0-15.el8_2.11   < *
    cpe:/a:redhat:rhel_tus:8.2::appstream
    cpe:/a:redhat:rhel_e4s:8.2::appstream
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.10   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:1.12.0-6.el8_6.11   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.10   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.13.1-8.el9_4.3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-26.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 0:1.11.0-22.el9_0.11   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.8   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-31083",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-05T18:36:25.769082Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-20T14:32:44.924Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T01:46:04.596Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/03/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/12/10"
          },
          {
            "name": "RHSA-2024:1785",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1785"
          },
          {
            "name": "RHSA-2024:2036",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2036"
          },
          {
            "name": "RHSA-2024:2037",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2037"
          },
          {
            "name": "RHSA-2024:2038",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2038"
          },
          {
            "name": "RHSA-2024:2039",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2039"
          },
          {
            "name": "RHSA-2024:2040",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2040"
          },
          {
            "name": "RHSA-2024:2041",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2041"
          },
          {
            "name": "RHSA-2024:2042",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2042"
          },
          {
            "name": "RHSA-2024:2080",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2080"
          },
          {
            "name": "RHSA-2024:2616",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2616"
          },
          {
            "name": "RHSA-2024:3258",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3258"
          },
          {
            "name": "RHSA-2024:3261",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3261"
          },
          {
            "name": "RHSA-2024:3343",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3343"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-31083"
          },
          {
            "name": "RHBZ#2272000",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver",
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "versions": [
            {
              "status": "affected",
              "version": "21.1.12"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-29.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::server",
            "cpe:/o:redhat:enterprise_linux:7::workstation"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-33.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-2.el8_9.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-23.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-10.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-16.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.2::appstream",
            "cpe:/a:redhat:rhel_e4s:8.2::appstream",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free vulnerability was found in the ProcRenderAddGlyphs() function of Xorg servers. This issue occurs when AllocateGlyph() is called to store new glyphs sent by the client to the X server, potentially resulting in multiple entries pointing to the same non-refcounted glyphs. Consequently, ProcRenderAddGlyphs() may free a glyph, leading to a use-after-free scenario when the same glyph pointer is subsequently accessed. This flaw allows an authenticated attacker to execute arbitrary code on the system by sending a specially crafted request."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T21:06:48.612Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1785"
        },
        {
          "name": "RHSA-2024:2036",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2036"
        },
        {
          "name": "RHSA-2024:2037",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2037"
        },
        {
          "name": "RHSA-2024:2038",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2038"
        },
        {
          "name": "RHSA-2024:2039",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2039"
        },
        {
          "name": "RHSA-2024:2040",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2040"
        },
        {
          "name": "RHSA-2024:2041",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2041"
        },
        {
          "name": "RHSA-2024:2042",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2042"
        },
        {
          "name": "RHSA-2024:2080",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2080"
        },
        {
          "name": "RHSA-2024:2616",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2616"
        },
        {
          "name": "RHSA-2024:3258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3258"
        },
        {
          "name": "RHSA-2024:3261",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3261"
        },
        {
          "name": "RHSA-2024:3343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3343"
        },
        {
          "name": "RHSA-2024:9093",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9093"
        },
        {
          "name": "RHSA-2024:9122",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9122"
        },
        {
          "name": "RHSA-2025:12751",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12751"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-31083"
        },
        {
          "name": "RHBZ#2272000",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-28T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server: use-after-free in procrenderaddglyphs",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-31083",
    "datePublished": "2024-04-05T12:04:49.414Z",
    "dateReserved": "2024-03-28T02:56:55.575Z",
    "dateUpdated": "2025-08-04T21:06:48.612Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4969 (GCVE-0-2025-4969)
Vulnerability from cvelistv5
Published
2025-05-21 01:44
Modified
2025-07-30 15:16
CWE
Summary
A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read).
References
Impacted products
Vendor Product Version
Version: 0    3.6.5
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4969",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-21T10:19:28.565929Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-21T10:20:03.235Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThanOrEqual": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in the libsoup package. This flaw stems from its failure to correctly verify the termination of multipart HTTP messages. This can allow a remote attacker to send a specially crafted multipart HTTP body, causing the libsoup-consuming server to read beyond its allocated memory boundaries (out-of-bounds read)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-30T15:16:46.520Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4969"
        },
        {
          "name": "RHBZ#2367552",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367552"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-20T16:24:36.420000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: off-by-one out-of-bounds read in find_boundary() in soup-multipart.c",
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4969",
    "datePublished": "2025-05-21T01:44:13.820Z",
    "dateReserved": "2025-05-19T21:14:09.795Z",
    "dateUpdated": "2025-07-30T15:16:46.520Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12747 (GCVE-0-2024-12747)
Vulnerability from cvelistv5
Published
2025-01-14 17:39
Modified
2025-07-29 09:34
CWE
  • CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Summary
A flaw was found in rsync. This vulnerability arises from a race condition during rsync's handling of symbolic links. Rsync's default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation.
References
Impacted products
Vendor Product Version
Version: 0    3.3.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-21.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.5-3.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.5-3.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12747",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-14T18:38:10.199669Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-14T18:38:36.602Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RsyncProject/rsync",
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-21.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.5-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.5-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Aleksei Gorban \"loqpa\" for reporting this issue."
        }
      ],
      "datePublic": "2025-01-14T15:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in rsync. This vulnerability arises from a race condition during rsync\u0027s handling of symbolic links. Rsync\u0027s default behavior when encountering symbolic links is to skip them. If an attacker replaced a regular file with a symbolic link at the right time, it was possible to bypass the default behavior and traverse symbolic links. Depending on the privileges of the rsync process, an attacker could leak sensitive information, potentially leading to privilege escalation."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-362",
              "description": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:34:00.807Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2600",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2600"
        },
        {
          "name": "RHSA-2025:7050",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7050"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12747"
        },
        {
          "name": "RHBZ#2332968",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2332968"
        },
        {
          "url": "https://kb.cert.org/vuls/id/952657"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-18T07:12:52.493000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-14T15:06:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rsync: race condition in rsync handling symbolic links",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12747",
    "datePublished": "2025-01-14T17:39:16.031Z",
    "dateReserved": "2024-12-18T06:49:21.481Z",
    "dateUpdated": "2025-07-29T09:34:00.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32914 (GCVE-0-2025-32914)
Vulnerability from cvelistv5
Published
2025-04-14 14:45
Modified
2025-07-29 07:23
CWE
Summary
A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds.
References
https://access.redhat.com/errata/RHSA-2025:7505 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8126 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8132 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8139 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8140 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8252 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8480 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8481 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8482 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8663 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32914 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359358 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.5   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.5   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.5   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.5   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.5   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32914",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T15:05:22.790979Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T15:05:37.281Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup, where the soup_multipart_new_from_message() function is vulnerable to an out-of-bounds read. This flaw allows a malicious HTTP client to induce the libsoup server to read out of bounds."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:23:35.068Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7505"
        },
        {
          "name": "RHSA-2025:8126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8126"
        },
        {
          "name": "RHSA-2025:8132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8132"
        },
        {
          "name": "RHSA-2025:8139",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8139"
        },
        {
          "name": "RHSA-2025:8140",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8140"
        },
        {
          "name": "RHSA-2025:8252",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8252"
        },
        {
          "name": "RHSA-2025:8480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8480"
        },
        {
          "name": "RHSA-2025:8481",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8481"
        },
        {
          "name": "RHSA-2025:8482",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8482"
        },
        {
          "name": "RHSA-2025:8663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8663"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32914"
        },
        {
          "name": "RHBZ#2359358",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359358"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:21:01.384000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: oob read on libsoup through function  \"soup_multipart_new_from_message\" in soup-multipart.c leads to crash or  exit of process",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32914",
    "datePublished": "2025-04-14T14:45:46.300Z",
    "dateReserved": "2025-04-14T01:59:13.828Z",
    "dateUpdated": "2025-07-29T07:23:35.068Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-5564 (GCVE-0-2024-5564)
Vulnerability from cvelistv5
Published
2024-05-31 18:31
Modified
2025-07-14 13:26
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information.
References
https://access.redhat.com/errata/RHBA-2025:6631 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4618 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4619 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4620 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4622 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4636 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4640 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4641 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4642 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4643 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-5564 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2284122 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:1.9-2.el10   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.2-10.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.7-7.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.7-4.el8_2   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.7-6.el8_4   < *
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.7-6.el8_4   < *
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.7-6.el8_4   < *
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.7-7.el8_6   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.7-7.el8_6   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.7-7.el8_6   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.7-7.el8_8   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.8-6.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.8-5.el9_0   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.8-5.el9_2   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-5564",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-05-31T20:17:36.331326Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T18:02:43.761Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:18:06.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:4618",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4618"
          },
          {
            "name": "RHSA-2024:4619",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4619"
          },
          {
            "name": "RHSA-2024:4620",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4620"
          },
          {
            "name": "RHSA-2024:4622",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4622"
          },
          {
            "name": "RHSA-2024:4636",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4636"
          },
          {
            "name": "RHSA-2024:4640",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4640"
          },
          {
            "name": "RHSA-2024:4641",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4641"
          },
          {
            "name": "RHSA-2024:4642",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4642"
          },
          {
            "name": "RHSA-2024:4643",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4643"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-5564"
          },
          {
            "name": "RHBZ#2284122",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00011.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/jpirko/libndp",
          "defaultStatus": "unaffected",
          "packageName": "libndp",
          "versions": [
            {
              "lessThan": "1.7-7",
              "status": "affected",
              "version": "1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9-2.el10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2-10.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-7.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-7.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-7.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.7-7.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8-5.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libndp",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8-5.el9_2",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Upstream acknowledges Evgeny Vereshchagin as the original reporter."
        }
      ],
      "datePublic": "2024-05-31T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in libndp. This flaw allows a local malicious user to cause a buffer overflow in NetworkManager, triggered by sending a malformed IPv6 router advertisement packet. This issue occurred as libndp was not correctly validating the route length information."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-14T13:26:44.060Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBA-2025:6631",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:6631"
        },
        {
          "name": "RHSA-2024:4618",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4618"
        },
        {
          "name": "RHSA-2024:4619",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4619"
        },
        {
          "name": "RHSA-2024:4620",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4620"
        },
        {
          "name": "RHSA-2024:4622",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4622"
        },
        {
          "name": "RHSA-2024:4636",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4636"
        },
        {
          "name": "RHSA-2024:4640",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4640"
        },
        {
          "name": "RHSA-2024:4641",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4641"
        },
        {
          "name": "RHSA-2024:4642",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4642"
        },
        {
          "name": "RHSA-2024:4643",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4643"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-5564"
        },
        {
          "name": "RHBZ#2284122",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2284122"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-05-31T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-31T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libndp: buffer overflow in route information length field",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently there is no mitigation available for this vulnerability.  Please make sure to update as the fixes become available."
        }
      ],
      "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-5564",
    "datePublished": "2024-05-31T18:31:47.333Z",
    "dateReserved": "2024-05-31T13:34:41.061Z",
    "dateUpdated": "2025-07-14T13:26:44.060Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6239 (GCVE-0-2024-6239)
Vulnerability from cvelistv5
Published
2024-06-21 13:28
Modified
2025-08-03 08:43
CWE
  • CWE-20 - Improper Input Validation
Summary
A flaw was found in the Poppler's Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service.
References
https://access.redhat.com/errata/RHSA-2024:5305 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9167 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6239 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2293594 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 24.06.0    24.06.1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:20.11.0-12.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:21.01.0-21.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6239",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-24T15:14:35.733533Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-24T15:14:46.716Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:33:05.086Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6239"
          },
          {
            "name": "RHBZ#2293594",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293594"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/poppler/poppler",
          "defaultStatus": "unaffected",
          "packageName": "poppler",
          "versions": [
            {
              "lessThanOrEqual": "24.06.1",
              "status": "affected",
              "version": "24.06.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "poppler",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:20.11.0-12.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "poppler",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.01.0-21.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "poppler",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "poppler",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "compat-poppler022",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "poppler",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gimp:flatpak/poppler",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "inkscape:flatpak/poppler",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libreoffice:flatpak/poppler",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "inkscape:flatpak/poppler",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libreoffice:flatpak/poppler",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-06-06T09:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Poppler\u0027s Pdfinfo utility. This issue occurs when using -dests parameter with pdfinfo utility. By using certain malformed input files, an attacker could cause the utility to crash, leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:43:20.457Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:5305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5305"
        },
        {
          "name": "RHSA-2024:9167",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9167"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6239"
        },
        {
          "name": "RHBZ#2293594",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2293594"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-20T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-06-06T09:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Poppler: pdfinfo: crash in broken documents when using -dests parameter",
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6239",
    "datePublished": "2024-06-21T13:28:23.857Z",
    "dateReserved": "2024-06-21T04:27:59.923Z",
    "dateUpdated": "2025-08-03T08:43:20.457Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6505 (GCVE-0-2024-6505)
Vulnerability from cvelistv5
Published
2024-07-05 13:51
Modified
2025-08-04 03:55
CWE
Summary
A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host.
References
Impacted products
Vendor Product Version
Version: 5.1.0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6505",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-13T20:15:08.315330Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-13T20:15:15.670Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-16T17:02:42.843Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6505"
          },
          {
            "name": "RHBZ#2295760",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295760"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20240816-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/qemu-project/qemu",
          "defaultStatus": "unaffected",
          "packageName": "qemu",
          "versions": [
            {
              "lessThan": "9.1.0",
              "status": "affected",
              "version": "5.1.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm-ma",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-07-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the virtio-net device in QEMU. When enabling the RSS feature on the virtio-net network card, the indirections_table data within RSS becomes controllable. Setting excessively large values may cause an index out-of-bounds issue, potentially resulting in heap overflow access. This flaw allows a privileged user in the guest to crash the QEMU process on the host."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T03:55:35.597Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6505"
        },
        {
          "name": "RHBZ#2295760",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295760"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-04T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-04T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Qemu-kvm: virtio-net: queue index out-of-bounds access in software rss",
      "workarounds": [
        {
          "lang": "en",
          "value": "A viable mitigation for this vulnerability is to disable RSS on the nic/virtio driver. \nThis can be performed either with the following qemu-kvm command \"-device virtio-net-pci,rss=off\", or, alternatively, by directly modifying the KVM XML file to disable RSS using a standard configuration tool (ex. libvirt)."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6505",
    "datePublished": "2024-07-05T13:51:38.241Z",
    "dateReserved": "2024-07-04T09:08:42.796Z",
    "dateUpdated": "2025-08-04T03:55:35.597Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0689 (GCVE-0-2025-0689)
Vulnerability from cvelistv5
Published
2025-03-03 14:17
Modified
2025-08-12 13:57
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0689",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T15:08:10.060966Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T15:10:37.636Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "When reading data from disk, the grub\u0027s UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T13:57:29.290Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0689"
        },
        {
          "name": "RHBZ#2346122",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346122"
        },
        {
          "url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:34:11.237000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: udf: heap based buffer overflow in grub_udf_read_block() may lead to arbitrary code execution",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not run grub2 in an untrusted environment, specifically with a UDF file system image."
        }
      ],
      "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0689",
    "datePublished": "2025-03-03T14:17:32.517Z",
    "dateReserved": "2025-01-23T19:49:12.475Z",
    "dateUpdated": "2025-08-12T13:57:29.290Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49179 (GCVE-0-2025-49179)
Vulnerability from cvelistv5
Published
2025-06-17 14:54
Modified
2025-07-15 01:04
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.
References
https://access.redhat.com/errata/RHSA-2025:10258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10342 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10344 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10346 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10347 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10348 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10349 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10350 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10351 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10352 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10355 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10356 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10360 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10370 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10375 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10376 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10377 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10378 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10381 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10410 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9303 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9304 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9305 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9306 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9392 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49179 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369978 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7.7 Advanced Update Support Unaffected: 0:1.8.0-17.el7_7.1   < *
    cpe:/o:redhat:rhel_aus:7.7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-32.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9.2   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-26.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-18.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.15.0-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.14   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.20.6-4.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-31.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-4.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:21.1.3-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.20.11-11.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.15   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:21.1.3-8.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.20.11-18.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.12.0-14.el9_2.12   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:22.1.9-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.20.11-26.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::crb
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.7   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49179",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:03:25.523317Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:04:08.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:04:53.638Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49179"
        },
        {
          "name": "RHBZ#2369978",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:11:40.389000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49179",
    "datePublished": "2025-06-17T14:54:49.288Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:04:53.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-7425 (GCVE-0-2025-7425)
Vulnerability from cvelistv5
Published
2025-07-10 13:53
Modified
2025-08-11 14:59
CWE
Summary
A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption.
References
https://access.redhat.com/errata/RHSA-2025:12447 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12450 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13267 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13308 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13309 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13310 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13311 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13312 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13313 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13314 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13335 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13464 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13622 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-7425 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2379274 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libxslt/-/issues/140
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.9.1-6.el7_9.12   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.2   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.9.7-21.el8_10.2   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.9.7-9.el8_2.4   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-9.el8_4.7   < *
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:2.9.7-9.el8_4.7   < *
    cpe:/o:redhat:rhel_eus_long_life:8.4::baseos
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.9.7-13.el8_6.11   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.9.7-13.el8_6.11   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.9.7-13.el8_6.11   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:2.9.7-16.el8_8.10   < *
    cpe:/o:redhat:rhel_tus:8.8::baseos
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/o:redhat:rhel_e4s:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:2.9.7-16.el8_8.10   < *
    cpe:/o:redhat:rhel_tus:8.8::baseos
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/o:redhat:rhel_e4s:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-11.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.9.13-11.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.9.13-1.el9_0.6   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.9.13-3.el9_2.8   < *
    cpe:/o:redhat:rhel_e4s:9.2::baseos
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.9.13-11.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat Discovery 2 Unaffected: sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec   < *
    cpe:/a:redhat:discovery:2::el9
Create a notification for this product.
   Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d   < *
    cpe:/a:redhat:insights_proxy:1.5::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:ef10956a206329b8213fb31855fbcc849d00e1e44adb307985009be2bfdb966e   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:02d88da5fdc965b3759b7c74667dc93a374dc379719456a2a9c0ef15ac36d656   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:6f60741c03460bfdc70789640b83b8c2611f62bd3971a7eeb8316c895e4cbf48   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:deb807f053dacbbea6e950e13ee123bb8b9184e0d8eca0d04d5e8f48d3ef6a95   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:9a17a95797aa5ec5252ea801a4962d1a6a903facafe79dcc321a54fadfa9fee3   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:b8ab8265ceed867796cf63e05b3c2b161ef289ec0ff1337c4b5c763228e747f3   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:264613b2add0f32e5f537ee7cf9ba8019e5e9a347fdf20bc3de8d1678157ba66   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:2509c7cc0bdf6d001442d2e83e21925b09a59c4b05eef81e98af93327f6f6c6d   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.5.2 Unaffected: sha256:ef79fd809a6406f43bc90dc685ca2819694096abe4c4de7f6302a09683f883fd   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.5::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7425",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T15:21:27.766014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T15:21:30.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.1-6.el7_9.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-21.el8_10.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus_long_life:8.4::baseos",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-9.el8_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-13.el8_6.11",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.8::baseos",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.8::baseos",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/o:redhat:rhel_e4s:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.7-16.el8_8.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-11.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-11.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos",
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-1.el9_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.2::baseos",
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-3.el9_2.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.9.13-11.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:c517869dacaf4d3650310d4a52e83706e0b311d6ebb4a9b37b1c7acff5c142ec",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-agent-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ef10956a206329b8213fb31855fbcc849d00e1e44adb307985009be2bfdb966e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:02d88da5fdc965b3759b7c74667dc93a374dc379719456a2a9c0ef15ac36d656",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-collector-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:6f60741c03460bfdc70789640b83b8c2611f62bd3971a7eeb8316c895e4cbf48",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:deb807f053dacbbea6e950e13ee123bb8b9184e0d8eca0d04d5e8f48d3ef6a95",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:9a17a95797aa5ec5252ea801a4962d1a6a903facafe79dcc321a54fadfa9fee3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-ingester-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:b8ab8265ceed867796cf63e05b3c2b161ef289ec0ff1337c4b5c763228e747f3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-operator-bundle",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:264613b2add0f32e5f537ee7cf9ba8019e5e9a347fdf20bc3de8d1678157ba66",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-query-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:2509c7cc0bdf6d001442d2e83e21925b09a59c4b05eef81e98af93327f6f6c6d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-rhel8-operator",
          "product": "Red Hat OpenShift distributed tracing 3.5.2",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ef79fd809a6406f43bc90dc685ca2819694096abe4c4de7f6302a09683f883fd",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxslt",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Sergei Glazunov (Google Project Zero) for reporting this issue."
        }
      ],
      "datePublic": "2025-07-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key() process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may access freed memory, causing crashes or enabling attackers to trigger heap corruption."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-11T14:59:07.456Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:12447",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12447"
        },
        {
          "name": "RHSA-2025:12450",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12450"
        },
        {
          "name": "RHSA-2025:13267",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13267"
        },
        {
          "name": "RHSA-2025:13308",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13308"
        },
        {
          "name": "RHSA-2025:13309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13309"
        },
        {
          "name": "RHSA-2025:13310",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13310"
        },
        {
          "name": "RHSA-2025:13311",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13311"
        },
        {
          "name": "RHSA-2025:13312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13312"
        },
        {
          "name": "RHSA-2025:13313",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13313"
        },
        {
          "name": "RHSA-2025:13314",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13314"
        },
        {
          "name": "RHSA-2025:13335",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13335"
        },
        {
          "name": "RHSA-2025:13464",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13464"
        },
        {
          "name": "RHSA-2025:13622",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13622"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-7425"
        },
        {
          "name": "RHBZ#2379274",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2379274"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libxslt/-/issues/140"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-10T09:37:28.172000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxslt: heap use-after-free in libxslt caused by atype corruption in xmlattrptr",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-7425",
    "datePublished": "2025-07-10T13:53:37.295Z",
    "dateReserved": "2025-07-10T08:44:06.287Z",
    "dateUpdated": "2025-08-11T14:59:07.456Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9979 (GCVE-0-2024-9979)
Vulnerability from cvelistv5
Published
2024-10-15 14:01
Modified
2025-07-08 14:25
CWE
Summary
A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references.
Impacted products
Vendor Product Version
Version: 0.22.0   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9979",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T14:19:04.359472Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-08T14:25:37.340Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/PyO3/pyo3",
          "defaultStatus": "unaffected",
          "packageName": "pyo3",
          "versions": [
            {
              "lessThan": "0.22.4",
              "status": "affected",
              "version": "0.22.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "python3.11-nh3",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "python3.11-rpds-py",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "python-rpds-py",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "python3.11-cryptography",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "python3.12-cryptography",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "python3.11-cryptography",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "python3.12-cryptography",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-10-12T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T05:29:02.734Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9979"
        },
        {
          "name": "RHBZ#2318646",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2318646"
        },
        {
          "url": "https://crates.io/crates/pyo3"
        },
        {
          "url": "https://github.com/PyO3/pyo3/pull/4590"
        },
        {
          "url": "https://rustsec.org/advisories/RUSTSEC-2024-0378.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-14T21:01:23.698016+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-12T12:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Pyo3: risk of use-after-free in `borrowed` reads from python weak references",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9979",
    "datePublished": "2024-10-15T14:01:54.309Z",
    "dateReserved": "2024-10-15T06:47:28.744Z",
    "dateUpdated": "2025-07-08T14:25:37.340Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45779 (GCVE-0-2024-45779)
Vulnerability from cvelistv5
Published
2025-03-03 14:25
Modified
2025-07-29 09:40
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45779",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T15:05:17.399405Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T15:05:35.269Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An integer overflow flaw was found in the BFS file system driver in grub2. When reading a file with an indirect extent map, grub2 fails to validate the number of extent entries to be read. A crafted or corrupted BFS filesystem may cause an integer overflow during the file reading, leading to a heap of bounds read. As a consequence, sensitive data may be leaked, or grub2 will crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:40:55.307Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45779"
        },
        {
          "name": "RHBZ#2345854",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345854"
        },
        {
          "url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-14T21:10:30.586000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/bfs: integer overflow leads to heap oob read in the bfs parser",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not run grub2 in an untrusted environment, specifically with a BFS file system image."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45779",
    "datePublished": "2025-03-03T14:25:22.453Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:40:55.307Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26595 (GCVE-0-2025-26595)
Vulnerability from cvelistv5
Published
2025-02-25 15:54
Modified
2025-07-29 00:19
CWE
  • CWE-121 - Stack-based Buffer Overflow
Summary
A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26595 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345257 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26595",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T20:05:05.924947Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T20:05:22.115Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:19:06.362Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26595"
        },
        {
          "name": "RHBZ#2345257",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345257"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:15:00.929000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: buffer overflow in xkbvmodmasktext()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-121: Stack-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26595",
    "datePublished": "2025-02-25T15:54:06.708Z",
    "dateReserved": "2025-02-12T14:12:22.795Z",
    "dateUpdated": "2025-07-29T00:19:06.362Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45781 (GCVE-0-2024-45781)
Vulnerability from cvelistv5
Published
2025-02-18 19:25
Modified
2025-07-29 09:41
CWE
Summary
A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections.
References
https://access.redhat.com/errata/RHSA-2025:6990 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45781 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345857 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45781",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T14:43:23.432163Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T15:15:15.791Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://ftp.gnu.org/gnu/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When reading a symbolic link\u0027s name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:41:26.260Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45781"
        },
        {
          "name": "RHBZ#2345857",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345857"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-14T21:31:44.750000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/ufs: oob write in the heap",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45781",
    "datePublished": "2025-02-18T19:25:57.168Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:41:26.260Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5791 (GCVE-0-2025-5791)
Vulnerability from cvelistv5
Published
2025-06-06 13:10
Modified
2025-07-31 15:36
CWE
  • CWE-266 - Incorrect Privilege Assignment
Summary
A flaw was found in the user's crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list.
Impacted products
Vendor Product Version
Red Hat Red Hat OpenShift sandboxed containers 1.1 Unaffected: sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba   < *
    cpe:/a:redhat:confidential_compute_attestation:1.10::el9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5791",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-06T13:40:43.009202Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-06T13:40:47.773Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:confidential_compute_attestation:1.10::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/openshift-sandboxed-containers/osc-rhel9-operator",
          "product": "Red Hat OpenShift sandboxed containers 1.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:a6f29da891174e57fcfd131da7aa90c50459ba24164111b83120a1b91f2eabba",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-ssh-key-dir",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-afterburn",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kata-containers",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-afterburn",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-01-15T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the user\u0027s crate for Rust. This vulnerability allows privilege escalation via incorrect group listing when a user or process has fewer than exactly 1024 groups, leading to the erroneous inclusion of the root group in the access list."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-266",
              "description": "Incorrect Privilege Assignment",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-31T15:36:08.719Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:12359",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12359"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5791"
        },
        {
          "name": "RHBZ#2370001",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370001"
        },
        {
          "url": "https://crates.io/crates/users"
        },
        {
          "url": "https://github.com/ogham/rust-users/issues/44"
        },
        {
          "url": "https://rustsec.org/advisories/RUSTSEC-2025-0040.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T13:02:24.781295+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-15T12:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Users: `root` appended to group listings",
      "x_redhatCweChain": "CWE-266: Incorrect Privilege Assignment"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5791",
    "datePublished": "2025-06-06T13:10:07.157Z",
    "dateReserved": "2025-06-06T08:09:10.242Z",
    "dateUpdated": "2025-07-31T15:36:08.719Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-1125 (GCVE-0-2025-1125)
Vulnerability from cvelistv5
Published
2025-03-03 14:16
Modified
2025-08-12 13:57
CWE
Summary
When reading data from a hfs filesystem, grub's hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution by-passing secure boot protections.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1125",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T15:11:35.948515Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T15:11:48.262Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "When reading data from a hfs filesystem, grub\u0027s hfs filesystem module uses user-controlled parameters from the filesystem metadata to calculate the internal buffers size, however it misses to properly check for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculation to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result the hfsplus_open_compressed_real() function will write past of the internal buffer length. This flaw may be leveraged to corrupt grub\u0027s internal critical data and may result in arbitrary code execution by-passing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T13:57:29.361Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-1125"
        },
        {
          "name": "RHBZ#2346138",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346138"
        },
        {
          "url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T17:32:11.551000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/hfs: integer overflow may lead to heap based out-of-bounds write",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not run grub2 in an untrusted environment, specifically with a HFS file system image."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-1125",
    "datePublished": "2025-03-03T14:16:13.252Z",
    "dateReserved": "2025-02-07T20:34:30.777Z",
    "dateUpdated": "2025-08-12T13:57:29.361Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12084 (GCVE-0-2024-12084)
Vulnerability from cvelistv5
Published
2025-01-15 14:16
Modified
2025-07-29 00:36
Severity ?
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer.
References
Impacted products
Vendor Product Version
Version: 3.2.7
Version: 3.3.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.4.1-2.el10   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12084",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-27T04:55:11.854Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-01-15T15:02:44.467Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/01/14/6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RsyncProject/rsync",
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "versions": [
            {
              "status": "affected",
              "version": "3.2.7"
            },
            {
              "status": "affected",
              "version": "3.3.0"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.4.1-2.el10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue."
        }
      ],
      "datePublic": "2025-01-14T15:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-based buffer overflow flaw was found in the rsync daemon. This issue is due to improper handling of attacker-controlled checksum lengths (s2length) in the code. When MAX_DIGEST_LEN exceeds the fixed SUM_LENGTH (16 bytes), an attacker can write out of bounds in the sum2 buffer."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Critical"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:36:40.901Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBA-2025:6470",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:6470"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12084"
        },
        {
          "name": "RHBZ#2330527",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330527"
        },
        {
          "url": "https://kb.cert.org/vuls/id/952657"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-05T09:32:44.653000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-14T15:06:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rsync: heap buffer overflow in rsync due to improper checksum length handling",
      "workarounds": [
        {
          "lang": "en",
          "value": "Red Hat recommends filtering untrusted connections to Rsync via firewall rules on the host and on network firewall appliances.\n\nAdditionally, systems which only need to provide remote Rsync access to users with known identities can enable authentication using the ```auth users``` parameter in their rsyncd configuration file (rsyncd.conf). \n\nSystems that provide anonymous read access to hosted files via Rsync, such as mirror hosts, do not have reasonable mitigation options available. We strongly urge operators using vulnerable versions of Rsync to update as soon as possible."
        }
      ],
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12084",
    "datePublished": "2025-01-15T14:16:35.363Z",
    "dateReserved": "2024-12-03T08:57:42.580Z",
    "dateUpdated": "2025-07-29T00:36:40.901Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2947 (GCVE-0-2024-2947)
Vulnerability from cvelistv5
Published
2024-03-28 18:31
Modified
2025-06-26 13:39
CWE
  • CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
References
https://access.redhat.com/errata/RHSA-2024:3667 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3843 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-2947 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2271614 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 270   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:310.4-1.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:311.2-1.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:311.2-1.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2947",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-01T17:32:00.346165Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-01T17:32:13.401Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:32:42.293Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:3667",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3667"
          },
          {
            "name": "RHSA-2024:3843",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3843"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-2947"
          },
          {
            "name": "RHBZ#2271614",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271614"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KNG7GXOZI6QH3OIQJYAYDB3CRRGH37Q5/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N3Q5SDIFACAY4VHACN5MMCMT3A53A3FB/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PIQY2HGDJW2JY27ALTS4GEVZZJJ4XQ36/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/cockpit-project/cockpit/",
          "defaultStatus": "unaffected",
          "packageName": "cockpit",
          "versions": [
            {
              "lessThan": "*",
              "status": "affected",
              "version": "270",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:310.4-1.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:311.2-1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:311.2-1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank xcuter (NAVER Cloud Security Analysis) for reporting this issue."
        }
      ],
      "datePublic": "2024-03-27T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-26T13:39:28.332Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:3667",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3667"
        },
        {
          "name": "RHSA-2024:3843",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3843"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-2947"
        },
        {
          "name": "RHBZ#2271614",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271614"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-22T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-27T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Cockpit: command injection when deleting a sosreport with a crafted name",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not remove SOS reports with strange names from the Cockpit web interface."
        }
      ],
      "x_redhatCweChain": "CWE-77: Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-2947",
    "datePublished": "2024-03-28T18:31:59.249Z",
    "dateReserved": "2024-03-26T16:48:38.370Z",
    "dateUpdated": "2025-06-26T13:39:28.332Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7409 (GCVE-0-2024-7409)
Vulnerability from cvelistv5
Published
2024-08-05 13:19
Modified
2025-08-04 03:55
CWE
  • CWE-662 - Improper Synchronization
Summary
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.
References
https://access.redhat.com/errata/RHSA-2024:10518 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10528 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10813 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6811 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6818 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7408 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8991 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9136 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9620 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9912 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7409 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2302487 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240905091210.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240905091210.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 17:9.0.0-10.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 17:7.2.0-14.el9_2.14   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 17:8.2.0-11.el9_4.8   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202411212100-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202409180051-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202411130444-0   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202409162258-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202411050056-0   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411261619-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202411261220-0   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7409",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-06T20:16:55.295801Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:17:14.655Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-02T23:03:01.411Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250502-0008/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/qemu/qemu",
          "defaultStatus": "unknown",
          "packageName": "qemu",
          "versions": [
            {
              "status": "unaffected",
              "version": "7.2.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "8.2.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "9.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:rhel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240905091210.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:rhel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240905091210.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17:9.0.0-10.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17:7.2.0-14.el9_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "17:8.2.0-11.el9_4.8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202411212100-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202409180051-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202411130444-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202409162258-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202411050056-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202411261619-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "417.94.202411261220-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "qemu-kvm-ma",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:8.2/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt:av/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:8.2/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "virt-devel:av/qemu-kvm",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-08-02T11:05:09.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-662",
              "description": "Improper Synchronization",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T03:55:52.124Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10518",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10518"
        },
        {
          "name": "RHSA-2024:10528",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10528"
        },
        {
          "name": "RHSA-2024:10813",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10813"
        },
        {
          "name": "RHSA-2024:6811",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6811"
        },
        {
          "name": "RHSA-2024:6818",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6818"
        },
        {
          "name": "RHSA-2024:6964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6964"
        },
        {
          "name": "RHSA-2024:7408",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7408"
        },
        {
          "name": "RHSA-2024:8991",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8991"
        },
        {
          "name": "RHSA-2024:9136",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9136"
        },
        {
          "name": "RHSA-2024:9620",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9620"
        },
        {
          "name": "RHSA-2024:9912",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9912"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-7409"
        },
        {
          "name": "RHBZ#2302487",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302487"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-02T10:54:41+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-08-02T11:05:09+00:00",
          "value": "Made public."
        }
      ],
      "title": "Qemu: denial of service via improper synchronization in qemu nbd server during socket closure",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-662: Improper Synchronization"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-7409",
    "datePublished": "2024-08-05T13:19:27.498Z",
    "dateReserved": "2024-08-02T12:25:13.211Z",
    "dateUpdated": "2025-08-04T03:55:52.124Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-2905 (GCVE-0-2024-2905)
Vulnerability from cvelistv5
Published
2024-04-25 17:44
Modified
2025-05-29 17:58
CWE
  • CWE-732 - Incorrect Permission Assignment for Critical Resource
Summary
A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.
Impacted products
Vendor Product Version
Version: 1.2024.4
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2025.5-1.el10   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2024.3-3.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2023.3-2.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2905",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-25T19:10:45.667596Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-04T17:29:28.680Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:25:42.154Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:3401",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3401"
          },
          {
            "name": "RHSA-2024:3823",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3823"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-2905"
          },
          {
            "name": "RHBZ#2271585",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271585"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/coreos/rpm-ostree",
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "versions": [
            {
              "status": "affected",
              "version": "1.2024.4"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2025.5-1.el10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2024.3-3.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2023.3-2.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-04-09T11:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-732",
              "description": "Incorrect Permission Assignment for Critical Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-29T17:58:04.390Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHBA-2025:4872",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHBA-2025:4872"
        },
        {
          "name": "RHSA-2024:3401",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3401"
        },
        {
          "name": "RHSA-2024:3823",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3823"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-2905"
        },
        {
          "name": "RHBZ#2271585",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271585"
        },
        {
          "url": "https://github.com/coreos/rpm-ostree/security/advisories/GHSA-2m76-cwhg-7wv6"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-26T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-04-09T11:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rpm-ostree: world-readable /etc/shadow file",
      "workarounds": [
        {
          "lang": "en",
          "value": "If you need to apply the fix immediately, you can run the following commands, using credentials that have administrator access to an OpenShift cluster:\n\n# List current permissions for all nodes\nfor node in $( oc get nodes -oname) ; do echo $node ; oc debug $node -- bash -c \"ls -alhZ /host/etc/*shadow*\"; done\n\n# Set correct permissions\nfor node in $( oc get nodes -oname) ; do echo $node ; oc debug $node -- chmod --verbose 0000 /host/etc/shadow /host/etc/gshadow /host/etc/shadow- /host/etc/gshadow-; done\n\nAs a precaution, we recommend rotating all user credentials stored in those files."
        }
      ],
      "x_redhatCweChain": "CWE-732: Incorrect Permission Assignment for Critical Resource"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-2905",
    "datePublished": "2024-04-25T17:44:15.985Z",
    "dateReserved": "2024-03-26T11:53:25.040Z",
    "dateUpdated": "2025-05-29T17:58:04.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8176 (GCVE-0-2024-8176)
Vulnerability from cvelistv5
Published
2025-03-14 08:19
Modified
2025-08-14 15:28
CWE
Summary
A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage.
References
https://access.redhat.com/errata/RHSA-2025:13681 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3531 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3734 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3913 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4048 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4446 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4447 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4448 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4449 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7444 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7512 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8385 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8176 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2310137 issue-tracking, x_refsource_REDHAT
https://github.com/libexpat/libexpat/issues/893
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.7.1-1.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.2.5-17.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.51.0-11.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.51.0-5.el8_2.2   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.51.0-5.el8_4.2   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.51.0-5.el8_4.2   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.51.0-5.el8_4.2   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.51.0-6.el8_6.1   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.51.0-6.el8_6.1   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.51.0-6.el8_6.1   < *
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.51.0-8.el8_8.1   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.5.0-3.el9_5.3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.5.0-5.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.5.0-3.el9_5.3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.5.0-5.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat JBoss Core Services 2.4.62.SP1     cpe:/a:redhat:jboss_core_services:1
Create a notification for this product.
   Red Hat DevWorkspace Operator 0.33 Unaffected: sha256:b41c498da32fde3fa636594ef93d2206ca1a3bc306e401eaae035dc18d30654a   < *
    cpe:/a:redhat:devworkspace:0.33::el9
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:f33991d766b618a128fb99fbe4f9b61c5004f7c6aa73b2b38e28d59e56c64d63   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8176",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-14T13:13:22.690073Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-14T13:14:00.908Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-09T13:10:25.026Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/03/15/1"
          },
          {
            "url": "https://blog.hartwork.org/posts/expat-2-7-0-released/"
          },
          {
            "url": "https://github.com/libexpat/libexpat/blob/R_2_7_0/expat/Changes#L40-L52"
          },
          {
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1239618"
          },
          {
            "url": "https://ubuntu.com/security/CVE-2024-8176"
          },
          {
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-8176"
          },
          {
            "url": "https://gitlab.alpinelinux.org/alpine/aports/-/commit/d068c3ff36fc6f4789988a09c69b434db757db53"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250328-0009/"
          },
          {
            "url": "https://www.kb.cert.org/vuls/id/760160"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/libexpat/libexpat/",
          "defaultStatus": "unaffected",
          "packageName": "libexpat",
          "versions": [
            {
              "lessThan": "2.7.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.7.1-1.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.2.5-17.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-11.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-5.el8_2.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-5.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-5.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-5.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-6.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-6.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-6.el8_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xmlrpc-c",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.51.0-8.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.0-3.el9_5.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.0-5.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.0-3.el9_5.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.5.0-5.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "expat",
          "product": "Red Hat JBoss Core Services 2.4.62.SP1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:devworkspace:0.33::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/devworkspace/devworkspace-project-clone-rhel9",
          "product": "DevWorkspace Operator 0.33",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:b41c498da32fde3fa636594ef93d2206ca1a3bc306e401eaae035dc18d30654a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:f33991d766b618a128fb99fbe4f9b61c5004f7c6aa73b2b38e28d59e56c64d63",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "compat-expat1",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "expat",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "lua-expat",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-expat",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox:flatpak/firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "thunderbird:flatpak/thunderbird",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Jann Horn (Google Project Zero), Sandipan Roy (Red Hat), Sebastian Pipping (libexpat), and Tomas Korbar (Red Hat)."
        }
      ],
      "datePublic": "2025-03-13T13:51:54.957Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-674",
              "description": "Uncontrolled Recursion",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T15:28:59.969Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:13681",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13681"
        },
        {
          "name": "RHSA-2025:3531",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3531"
        },
        {
          "name": "RHSA-2025:3734",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3734"
        },
        {
          "name": "RHSA-2025:3913",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3913"
        },
        {
          "name": "RHSA-2025:4048",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4048"
        },
        {
          "name": "RHSA-2025:4446",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4446"
        },
        {
          "name": "RHSA-2025:4447",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4447"
        },
        {
          "name": "RHSA-2025:4448",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4448"
        },
        {
          "name": "RHSA-2025:4449",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4449"
        },
        {
          "name": "RHSA-2025:7444",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7444"
        },
        {
          "name": "RHSA-2025:7512",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7512"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8176"
        },
        {
          "name": "RHBZ#2310137",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310137"
        },
        {
          "url": "https://github.com/libexpat/libexpat/issues/893"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-12T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-03-13T13:51:54.957000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libexpat: expat: improper restriction of xml entity expansion depth in libexpat",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-674: Uncontrolled Recursion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8176",
    "datePublished": "2025-03-14T08:19:48.962Z",
    "dateReserved": "2024-08-26T12:36:40.985Z",
    "dateUpdated": "2025-08-14T15:28:59.969Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26599 (GCVE-0-2025-26599)
Vulnerability from cvelistv5
Published
2025-02-25 15:55
Modified
2025-07-29 00:20
CWE
  • CWE-824 - Access of Uninitialized Pointer
Summary
An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later.
References
https://access.redhat.com/errata/RHSA-2025:2500 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2502 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2861 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2862 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2865 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2866 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2873 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2874 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2875 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2879 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2880 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7163 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7165 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-26599 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345253 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 22.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-30.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.13.1-15.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.13   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.11.0-8.el8_4.12   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.13   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.12.0-15.el8_8.12   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-1.el9_5.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-28.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-3.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.13   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.12.0-14.el9_2.10   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26599",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-25T16:22:35.562208Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-25T16:22:51.245Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver/",
          "defaultStatus": "unaffected",
          "packageName": "xserver",
          "versions": [
            {
              "lessThan": "21.1.16",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "24.1.6",
              "status": "affected",
              "version": "22.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-30.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-15.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-1.el9_5.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-28.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-3.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-25T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An access to an uninitialized pointer flaw was found in X.Org and Xwayland. The function compCheckRedirect() may fail if it cannot allocate the backing pixmap. In that case, compRedirectWindow() will return a BadAlloc error without validating the window tree marked just before, which leaves the validated data partly initialized and the use of an uninitialized pointer later."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-824",
              "description": "Access of Uninitialized Pointer",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:20:11.448Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2500",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2500"
        },
        {
          "name": "RHSA-2025:2502",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2502"
        },
        {
          "name": "RHSA-2025:2861",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2861"
        },
        {
          "name": "RHSA-2025:2862",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2862"
        },
        {
          "name": "RHSA-2025:2865",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2865"
        },
        {
          "name": "RHSA-2025:2866",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2866"
        },
        {
          "name": "RHSA-2025:2873",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2873"
        },
        {
          "name": "RHSA-2025:2874",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2874"
        },
        {
          "name": "RHSA-2025:2875",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2875"
        },
        {
          "name": "RHSA-2025:2879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2879"
        },
        {
          "name": "RHSA-2025:2880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2880"
        },
        {
          "name": "RHSA-2025:7163",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7163"
        },
        {
          "name": "RHSA-2025:7165",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7165"
        },
        {
          "name": "RHSA-2025:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7458"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26599"
        },
        {
          "name": "RHBZ#2345253",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345253"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-12T14:15:01.808000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-25T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg: xwayland: use of uninitialized pointer in compredirectwindow()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-824: Access of Uninitialized Pointer"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26599",
    "datePublished": "2025-02-25T15:55:02.964Z",
    "dateReserved": "2025-02-12T14:12:22.796Z",
    "dateUpdated": "2025-07-29T00:20:11.448Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-46421 (GCVE-0-2025-46421)
Vulnerability from cvelistv5
Published
2025-04-24 13:01
Modified
2025-07-29 13:32
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Summary
A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect.
References
https://access.redhat.com/errata/RHSA-2025:4439 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4538 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4609 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4624 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7505 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-46421 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2361962 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libsoup/-/issues/439
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.4   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46421",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-24T13:12:43.291380Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-29T13:32:41.957Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. When libsoup clients encounter an HTTP redirect, they mistakenly send the HTTP Authorization header to the new host that the redirection points to. This allows the new host to impersonate the user to the original host that issued the redirect."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T12:50:25.307Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4439"
        },
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4538",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4538"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:4609",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4609"
        },
        {
          "name": "RHSA-2025:4624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4624"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:7505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7505"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-46421"
        },
        {
          "name": "RHBZ#2361962",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361962"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/439"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-24T01:35:00.884000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: information disclosure may leads libsoup client sends authorization header to a different host when being redirected by a server",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-46421",
    "datePublished": "2025-04-24T13:01:24.589Z",
    "dateReserved": "2025-04-24T01:37:42.413Z",
    "dateUpdated": "2025-07-29T13:32:41.957Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45776 (GCVE-0-2024-45776)
Vulnerability from cvelistv5
Published
2025-02-18 19:25
Modified
2025-07-29 09:39
CWE
Summary
When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections.
References
https://access.redhat.com/errata/RHSA-2025:6990 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45776 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2339182 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45776",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T14:43:26.391966Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T15:15:24.380Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://ftp.gnu.org/gnu/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:39:22.503Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45776"
        },
        {
          "name": "RHBZ#2339182",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2339182"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-01-21T18:11:28.747000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: grub-core/gettext: integer overflow leads to heap oob write and read.",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45776",
    "datePublished": "2025-02-18T19:25:45.929Z",
    "dateReserved": "2024-09-08T01:57:12.947Z",
    "dateUpdated": "2025-07-29T09:39:22.503Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12087 (GCVE-0-2024-12087)
Vulnerability from cvelistv5
Published
2025-01-14 17:57
Modified
2025-08-12 20:37
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client's intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client.
References
Impacted products
Vendor Product Version
Version: 0    3.3.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.1.3-21.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.5-3.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.2.5-3.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12087",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-26T14:12:12.897301Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-26T14:12:41.645Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/google/security-research/security/advisories/GHSA-p5pg-x43v-mvqj"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/RsyncProject/rsync",
          "defaultStatus": "unaffected",
          "packageName": "rsync",
          "versions": [
            {
              "lessThanOrEqual": "3.3.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.3-21.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.5-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.2.5-3.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "rsync",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Jasiel Spelman (Google), Pedro Gallegos (Google), and Simon Scannell (Google) for reporting this issue."
        }
      ],
      "datePublic": "2025-01-14T15:06:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc-recursive` option, a default-enabled option for many client options and can be enabled by the server even if not explicitly enabled by the client. When using the `--inc-recursive` option, a lack of proper symlink verification coupled with deduplication checks occurring on a per-file-list basis could allow a server to write files outside of the client\u0027s intended destination directory. A malicious server could write malicious files to arbitrary locations named after valid directories/paths on the client."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T20:37:25.409Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:2600",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2600"
        },
        {
          "name": "RHSA-2025:7050",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7050"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12087"
        },
        {
          "name": "RHBZ#2330672",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2330672"
        },
        {
          "url": "https://kb.cert.org/vuls/id/952657"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-12-05T21:23:24.139000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-14T15:06:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rsync: path traversal vulnerability in rsync",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12087",
    "datePublished": "2025-01-14T17:57:33.927Z",
    "dateReserved": "2024-12-03T08:58:04.170Z",
    "dateUpdated": "2025-08-12T20:37:25.409Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9676 (GCVE-0-2024-9676)
Vulnerability from cvelistv5
Published
2024-10-15 15:27
Modified
2025-08-06 05:18
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host.
References
https://access.redhat.com/errata/RHSA-2024:10289 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8418 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8428 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8437 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8686 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8690 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8694 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8700 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8984 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9051 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9926 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0876 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2710 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3301 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9676 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2317467 issue-tracking, x_refsource_REDHAT
https://github.com/advisories/GHSA-wq2p-5pc6-wpgf
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241101101019.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:1.33.11-1.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 0:1.25.5-30.rhaos4.12.git53dc492.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift_ironic:4.12::el9
    cpe:/a:redhat:openshift:4.12::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 0:1.26.5-26.rhaos4.13.giteb3d487.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 0:1.27.8-12.rhaos4.14.git7597c43.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 0:1.28.11-5.rhaos4.15.git35a2431.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el8
    cpe:/a:redhat:openshift:4.15::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 0:1.29.9-6.rhaos4.16.gite7bd45a.el8   < *
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-12.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift:4.16::el9
    cpe:/a:redhat:openshift:4.16::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 0:1.30.6-6.rhaos4.17.git6ac6e96.el8   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-1.rhaos4.17.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202501281204.p0.ga753153.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9676",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-15T15:45:48.644647Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-15T15:46:17.963Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/storage/",
          "defaultStatus": "unaffected",
          "packageName": "containers/storage",
          "versions": [
            {
              "lessThan": "1.55.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020241101101019.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-16.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:5.2.2-9.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.5-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.11-1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8",
            "cpe:/a:redhat:openshift_ironic:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.25.5-30.rhaos4.12.git53dc492.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.26.5-26.rhaos4.13.giteb3d487.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.27.8-12.rhaos4.14.git7597c43.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.28.11-5.rhaos4.15.git35a2431.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el8",
            "cpe:/a:redhat:openshift:4.15::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ironic:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.29.9-6.rhaos4.16.gite7bd45a.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-12.rhaos4.16.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9",
            "cpe:/a:redhat:openshift:4.17::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.30.6-6.rhaos4.17.git6ac6e96.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9",
            "cpe:/a:redhat:openshift:4.17::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.2.2-1.rhaos4.17.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202501281204.p0.ga753153.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "jenkins-agent-base-rhel9-container",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "skopeo",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:quay:3"
          ],
          "defaultStatus": "affected",
          "packageName": "quay/quay-builder-rhel8",
          "product": "Red Hat Quay 3",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Erik Sj\u00f6lund (Upstream) for reporting this issue."
        }
      ],
      "datePublic": "2024-10-15T15:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Podman, Buildah, and CRI-O. A symlink traversal vulnerability in the containers/storage library can cause Podman, Buildah, and CRI-O to hang and result in a denial of service via OOM kill when running a malicious image using an automatically assigned user namespace (`--userns=auto` in Podman and Buildah). The containers/storage library will read /etc/passwd inside the container, but does not properly validate if that file is a symlink, which can be used to cause the library to read an arbitrary file on the host."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T05:18:19.661Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10289",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10289"
        },
        {
          "name": "RHSA-2024:8418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8418"
        },
        {
          "name": "RHSA-2024:8428",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8428"
        },
        {
          "name": "RHSA-2024:8437",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8437"
        },
        {
          "name": "RHSA-2024:8686",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8686"
        },
        {
          "name": "RHSA-2024:8690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8690"
        },
        {
          "name": "RHSA-2024:8694",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8694"
        },
        {
          "name": "RHSA-2024:8700",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8700"
        },
        {
          "name": "RHSA-2024:8984",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8984"
        },
        {
          "name": "RHSA-2024:9051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9051"
        },
        {
          "name": "RHSA-2024:9454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9454"
        },
        {
          "name": "RHSA-2024:9459",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9459"
        },
        {
          "name": "RHSA-2024:9926",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9926"
        },
        {
          "name": "RHSA-2025:0876",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0876"
        },
        {
          "name": "RHSA-2025:2454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2454"
        },
        {
          "name": "RHSA-2025:2710",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2710"
        },
        {
          "name": "RHSA-2025:3301",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3301"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9676"
        },
        {
          "name": "RHBZ#2317467",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317467"
        },
        {
          "url": "https://github.com/advisories/GHSA-wq2p-5pc6-wpgf"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-09T02:59:07.708000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-15T15:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Podman: buildah: cri-o: symlink traversal vulnerability in the containers/storage library can cause denial of service (dos)",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9676",
    "datePublished": "2024-10-15T15:27:33.665Z",
    "dateReserved": "2024-10-09T03:02:48.802Z",
    "dateUpdated": "2025-08-06T05:18:19.661Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-2593 (GCVE-0-2023-2593)
Vulnerability from cvelistv5
Published
2025-07-30 15:15
Modified
2025-07-31 18:53
CWE
  • CWE-835 - Loop with Unreachable Exit Condition ('Infinite Loop')
Summary
A flaw exists within the Linux kernel's handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system.
Impacted products
Vendor Product Version
Version: 6.3.0
Version: 6.2.0
Version: 6.1.0
Version: 6.0.0
Version: 0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-2593",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-30T15:32:18.248507Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-30T15:32:33.209Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/",
          "defaultStatus": "unaffected",
          "packageName": "linux",
          "versions": [
            {
              "lessThan": "6.3.*",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.2.0-rc4",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.1.5",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.0.19",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "5.15.87",
              "status": "affected",
              "version": "0",
              "versionType": "semvar"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-05-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw exists within the Linux kernel\u0027s handling of new TCP connections. The issue results from the lack of memory release after its effective lifetime. This vulnerability allows an unauthenticated attacker to create a denial of service condition on the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-835",
              "description": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-31T18:53:37.275Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "url": "https://lore.kernel.org/lkml/CAH2r5msyEy20e=FBx6wPWWc3kXzNR4b+zHshSqidRdFKVf_7Jg@mail.gmail.com/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-30T12:49:47.078000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-05-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: ksmbd memory exhaustion denial-of-service vulnerability",
      "x_redhatCweChain": "CWE-835: Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-2593",
    "datePublished": "2025-07-30T15:15:53.952Z",
    "dateReserved": "2023-05-09T12:05:43.066Z",
    "dateUpdated": "2025-07-31T18:53:37.275Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2020-25720 (GCVE-0-2020-25720)
Vulnerability from cvelistv5
Published
2024-11-17 10:17
Modified
2025-07-05 06:43
CWE
Summary
A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object's creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the 'creator owner.' The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2020-25720",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-17T16:18:39.310986Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-17T16:18:49.431Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.samba.org/samba.git",
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "versions": [
            {
              "lessThan": "4.17.8",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba4",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:storage:3"
          ],
          "defaultStatus": "unaffected",
          "packageName": "samba",
          "product": "Red Hat Storage 3",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2022-06-14T00:12:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Samba where a delegated administrator with permission to create objects in Active Directory can write to all attributes of the newly created object, including security-sensitive attributes, even after the object\u0027s creation. This issue occurs because the administrator owns the object due to the lack of an Access Control List (ACL) at the time of creation and later being recognized as the \u0027creator owner.\u0027 The retained significant rights of the delegated administrator may not be well understood, potentially leading to unintended privilege escalation or security risks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-264",
              "description": "CWE-264",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T06:43:57.473Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2020-25720"
        },
        {
          "name": "RHBZ#2305954",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2305954"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-16T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2022-06-14T00:12:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Samba: check attribute access rights for ldap adds of computers",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-264"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2020-25720",
    "datePublished": "2024-11-17T10:17:07.511Z",
    "dateReserved": "2020-09-16T00:00:00.000Z",
    "dateUpdated": "2025-07-05T06:43:57.473Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5915 (GCVE-0-2025-5915)
Vulnerability from cvelistv5
Published
2025-06-09 19:49
Modified
2025-08-15 18:12
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5915",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-10T14:04:12.513329Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-10T14:04:33.348Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in the libarchive library. This flaw can lead to a heap buffer over-read due to the size of a filter block potentially exceeding the Lempel-Ziv-Storer-Schieber (LZSS) window. This means the library may attempt to read beyond the allocated memory buffer, which can result in unpredictable program behavior, crashes (denial of service), or the disclosure of sensitive information from adjacent memory regions."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-15T18:12:33.628Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5915"
        },
        {
          "name": "RHBZ#2370865",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370865"
        },
        {
          "url": "https://github.com/libarchive/libarchive/pull/2599"
        },
        {
          "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-06T18:03:54.692000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libarchive: heap buffer over read in copy_from_lzss_window() at archive_read_support_format_rar.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements."
        }
      ],
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5915",
    "datePublished": "2025-06-09T19:49:02.143Z",
    "dateReserved": "2025-06-09T08:10:36.710Z",
    "dateUpdated": "2025-08-15T18:12:33.628Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5024 (GCVE-0-2025-5024)
Vulnerability from cvelistv5
Published
2025-05-22 14:51
Modified
2025-08-12 09:35
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Summary
A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd.
References
https://access.redhat.com/errata/RHSA-2025:10631 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10635 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10742 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11403 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11404 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11405 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11406 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11407 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11408 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11418 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-5024 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2367717 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/merge_requests/321
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:47.3-2.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:0.1.8-4.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:0.1.6-9.el8_2.1   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:0.1.8-4.el8_4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:0.1.8-4.el8_4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:0.1.8-4.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:0.1.8-4.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:0.1.8-4.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:0.1.8-4.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:0.1.8-4.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:40.0-11.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:40.0-10.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:40.0-10.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:40.0-11.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5024",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-22T17:42:56.244523Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-22T18:12:30.923Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:47.3-2.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.6-9.el8_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:0.1.8-4.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:40.0-11.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:40.0-10.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:40.0-10.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnome-remote-desktop",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:40.0-11.el9_4",
              "versionType": "rpm"
            }
          ]
        }
      ],
      "datePublic": "2025-05-21T06:16:27.607Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T09:35:38.025Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10631",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10631"
        },
        {
          "name": "RHSA-2025:10635",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10635"
        },
        {
          "name": "RHSA-2025:10742",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10742"
        },
        {
          "name": "RHSA-2025:11403",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11403"
        },
        {
          "name": "RHSA-2025:11404",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11404"
        },
        {
          "name": "RHSA-2025:11405",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11405"
        },
        {
          "name": "RHSA-2025:11406",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11406"
        },
        {
          "name": "RHSA-2025:11407",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11407"
        },
        {
          "name": "RHSA-2025:11408",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11408"
        },
        {
          "name": "RHSA-2025:11418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11418"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5024"
        },
        {
          "name": "RHBZ#2367717",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367717"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/gnome-remote-desktop/-/merge_requests/321"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-21T03:18:10.555000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-21T06:16:27.607000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnome-remote-desktop: uncontrolled resource consumption due to malformed rdp pdus",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5024",
    "datePublished": "2025-05-22T14:51:01.110Z",
    "dateReserved": "2025-05-21T06:10:08.134Z",
    "dateUpdated": "2025-08-12T09:35:38.025Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-7006 (GCVE-0-2024-7006)
Vulnerability from cvelistv5
Published
2024-08-08 20:49
Modified
2025-06-03 02:10
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service.
References
https://access.redhat.com/errata/RHSA-2024:6360 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8833 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8914 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-7006 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2302996 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.0.9-33.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:4.4.0-12.el9_4.1   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:4.4.0-8.el9_2.1   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/a:redhat:rhel_eus:9.2::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-7006",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T02:10:18.944536Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T02:10:47.534Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-20T16:03:14.114Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20240920-0001/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/libtiff/libtiff",
          "defaultStatus": "unknown",
          "packageName": "libtiff",
          "versions": [
            {
              "status": "unaffected",
              "version": "4.4.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "4.0.9",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "libtiff",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.0.9-33.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libtiff",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.4.0-12.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "libtiff",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.4.0-8.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libtiff",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libtiff",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libtiff",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Xu Chang (N/A) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-19T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A null pointer dereference flaw was found in Libtiff via `tif_dirinfo.c`. This issue may allow an attacker to trigger memory allocation failures through certain means, such as restricting the heap space size or injecting faults, causing a segmentation fault. This can cause an application crash, eventually leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-01T03:32:59.236Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:6360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6360"
        },
        {
          "name": "RHSA-2024:8833",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8833"
        },
        {
          "name": "RHSA-2024:8914",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8914"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-7006"
        },
        {
          "name": "RHBZ#2302996",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2302996"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-05T22:40:16.777000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-19T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libtiff: null pointer dereference in tif_dirinfo.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-7006",
    "datePublished": "2024-08-08T20:49:45.373Z",
    "dateReserved": "2024-07-23T00:57:17.777Z",
    "dateUpdated": "2025-06-03T02:10:47.534Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49180 (GCVE-0-2025-49180)
Vulnerability from cvelistv5
Published
2025-06-17 15:00
Modified
2025-07-15 01:05
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.
References
https://access.redhat.com/errata/RHSA-2025:10258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10342 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10344 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10346 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10347 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10348 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10349 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10350 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10351 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10352 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10355 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10356 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10360 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10370 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10375 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10376 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10377 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10378 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10381 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10410 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9303 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9304 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9305 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9306 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9392 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49180 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369981 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7.7 Advanced Update Support Unaffected: 0:1.8.0-17.el7_7.1   < *
    cpe:/o:redhat:rhel_aus:7.7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-32.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9.2   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-26.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-18.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.15.0-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.14   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.20.6-4.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-31.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-4.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:21.1.3-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.20.11-11.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.15   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:21.1.3-8.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.20.11-18.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.12.0-14.el9_2.12   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:22.1.9-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.20.11-26.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::crb
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.7   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49180",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:36:37.255035Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:36:48.643Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:05:09.054Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49180"
        },
        {
          "name": "RHBZ#2369981",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:14:53.357000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49180",
    "datePublished": "2025-06-17T15:00:18.145Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:05:09.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32913 (GCVE-0-2025-32913)
Vulnerability from cvelistv5
Published
2025-04-14 13:37
Modified
2025-07-29 00:26
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function.
References
https://access.redhat.com/errata/RHSA-2025:4439 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4538 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4609 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4624 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32913 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359357 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.4   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32913",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T13:54:02.941942Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T13:54:31.425Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup, where the soup_message_headers_get_content_disposition() function is vulnerable to a NULL pointer dereference. This flaw allows a malicious HTTP peer to crash a libsoup client or server that uses this function."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:26:23.642Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4439"
        },
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4538",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4538"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:4609",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4609"
        },
        {
          "name": "RHSA-2025:4624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4624"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32913"
        },
        {
          "name": "RHBZ#2359357",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359357"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:21:01.010000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: null pointer dereference in  soup_message_headers_get_content_disposition when \"filename\" parameter  is present, but has no value in content-disposition header",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32913",
    "datePublished": "2025-04-14T13:37:36.587Z",
    "dateReserved": "2025-04-14T01:59:13.827Z",
    "dateUpdated": "2025-07-29T00:26:23.642Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45783 (GCVE-0-2024-45783)
Vulnerability from cvelistv5
Published
2025-02-18 19:26
Modified
2025-07-29 09:41
CWE
  • CWE-911 - Improper Update of Reference Count
Summary
A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn't properly set an ERRNO value. This issue may lead to a NULL pointer access.
References
https://access.redhat.com/errata/RHSA-2025:6990 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-45783 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345863 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45783",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-19T14:42:27.841966Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-19T15:15:06.176Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://ftp.gnu.org/gnu/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When failing to mount an HFS+ grub, the hfsplus filesystem driver doesn\u0027t properly set an ERRNO value. This issue may lead to a NULL pointer access."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 4.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-911",
              "description": "Improper Update of Reference Count",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:41:59.390Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45783"
        },
        {
          "name": "RHBZ#2345863",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345863"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-14T22:13:21.370000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/hfs+: refcount can be decremented twice",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-911: Improper Update of Reference Count"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45783",
    "datePublished": "2025-02-18T19:26:07.767Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:41:59.390Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5917 (GCVE-0-2025-5917)
Vulnerability from cvelistv5
Published
2025-06-09 19:49
Modified
2025-08-15 18:22
CWE
Summary
A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5917",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-10T13:44:11.394242Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-10T14:05:35.851Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in the libarchive library. This flaw involves an \u0027off-by-one\u0027 miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.8,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-15T18:22:32.453Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5917"
        },
        {
          "name": "RHBZ#2370874",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370874"
        },
        {
          "url": "https://github.com/libarchive/libarchive/pull/2588"
        },
        {
          "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-06T19:18:57.535000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements."
        }
      ],
      "x_redhatCweChain": "CWE-193-\u003eCWE-787: Off-by-one Error leads to Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5917",
    "datePublished": "2025-06-09T19:49:13.204Z",
    "dateReserved": "2025-06-09T08:11:04.787Z",
    "dateUpdated": "2025-08-15T18:22:32.453Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8235 (GCVE-0-2024-8235)
Vulnerability from cvelistv5
Published
2024-08-30 16:16
Modified
2025-08-04 03:56
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon.
Impacted products
Vendor Product Version
Version: 10.4.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:10.5.0-7.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Advanced Virtualization     cpe:/a:redhat:advanced_virtualization:8::el8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8235",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-30T17:10:46.243548Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-30T17:10:55.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-20T16:03:15.107Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20240920-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/libvirt/libvirt",
          "defaultStatus": "unaffected",
          "packageName": "libvirt",
          "versions": [
            {
              "lessThan": "10.7.0",
              "status": "affected",
              "version": "10.4.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libvirt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:10.5.0-7.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libvirt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libvirt",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libvirt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "virt:rhel/libvirt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_virtualization:8::el8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "virt:av/libvirt",
          "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-08-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.2,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T03:56:35.714Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9128"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8235"
        },
        {
          "name": "RHBZ#2308680",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2308680"
        },
        {
          "url": "https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/X6WOVCL6QF3FQRFIIXL736RFZVSUWLWJ/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-08-30T12:58:26.577000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-08-29T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libvirt: crash of virtinterfaced via virconnectlistinterfaces()",
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8235",
    "datePublished": "2024-08-30T16:16:57.214Z",
    "dateReserved": "2024-08-27T15:58:35.816Z",
    "dateUpdated": "2025-08-04T03:56:35.714Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0685 (GCVE-0-2025-0685)
Vulnerability from cvelistv5
Published
2025-03-03 17:14
Modified
2025-07-28 17:35
CWE
Summary
A flaw was found in grub2. When reading data from a jfs filesystem, grub's jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub's internal critical data and may result in arbitrary code execution, by-passing secure boot protections.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0685",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T16:13:24.859221Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T16:13:48.628Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When reading data from a jfs filesystem, grub\u0027s jfs filesystem module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_jfs_lookup_symlink() function will write past the internal buffer length during grub_jfs_read_file(). This issue can be leveraged to corrupt grub\u0027s internal critical data and may result in arbitrary code execution, by-passing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T17:35:06.151Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0685"
        },
        {
          "name": "RHBZ#2346120",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346120"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:26:31.971000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: jfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0685",
    "datePublished": "2025-03-03T17:14:23.575Z",
    "dateReserved": "2025-01-23T19:09:21.691Z",
    "dateUpdated": "2025-07-28T17:35:06.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9050 (GCVE-0-2024-9050)
Vulnerability from cvelistv5
Published
2024-10-22 12:14
Modified
2025-07-05 02:19
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration.
References
https://access.redhat.com/errata/RHSA-2024:8312 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8338 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8352 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8353 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8354 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8355 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8356 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8357 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8358 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9555 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9556 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9050 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2313828 issue-tracking, x_refsource_REDHAT
https://www.openwall.com/lists/oss-security/2024/10/25/1
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7.7 Advanced Update Support Unaffected: 0:1.2.4-4.el7_7   < *
    cpe:/o:redhat:rhel_aus:7.7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.2.4-4.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.2.10-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.2.10-6.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.2.10-6.el8_4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:1.2.10-6.el8_4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:1.2.10-6.el8_4   < *
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.2.10-6.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.2.10-6.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.2.10-6.el8_6   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:1.2.10-6.el8_8   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.2.22-4.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.2.14-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:1.2.14-6.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.2.18-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9050",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-22T13:03:43.771304Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "description": "CWE-noinfo Not enough information",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-22T13:08:22.196Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-10-25T03:09:04.241Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/10/25/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/NetworkManager-libreswan/",
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager-libreswan",
          "versions": [
            {
              "lessThan": "1.2.24",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.4-4.el7_7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.4-4.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.10-6.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.22-4.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.14-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.14-6.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.2.18-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager-libreswan",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-10-22T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system\u0027s network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-05T02:19:14.036Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:8312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8312"
        },
        {
          "name": "RHSA-2024:8338",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8338"
        },
        {
          "name": "RHSA-2024:8352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8352"
        },
        {
          "name": "RHSA-2024:8353",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8353"
        },
        {
          "name": "RHSA-2024:8354",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8354"
        },
        {
          "name": "RHSA-2024:8355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8355"
        },
        {
          "name": "RHSA-2024:8356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8356"
        },
        {
          "name": "RHSA-2024:8357",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8357"
        },
        {
          "name": "RHSA-2024:8358",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8358"
        },
        {
          "name": "RHSA-2024:9555",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9555"
        },
        {
          "name": "RHSA-2024:9556",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9556"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9050"
        },
        {
          "name": "RHBZ#2313828",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2313828"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/10/25/1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-19T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-22T12:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Networkmanager-libreswan: local privilege escalation via leftupdown",
      "workarounds": [
        {
          "lang": "en",
          "value": "A mitigation for this issue is either unavailable or the existing options do not meet Red Hat Product Security\u0027s standards for ease of use, deployment, widespread applicability, or stability. \n\nOne potential approach is to prevent local users from controlling networking through polkit. However, this would also block them from connecting to new Wi-Fi networks, which is not ideal for laptops but might be acceptable for workstations. Server customers typically don\u0027t need to be concerned, as they generally don\u0027t have local users capable of exploiting the bug."
        }
      ],
      "x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9050",
    "datePublished": "2024-10-22T12:14:31.701Z",
    "dateReserved": "2024-09-20T18:25:24.574Z",
    "dateUpdated": "2025-07-05T02:19:14.036Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32255 (GCVE-0-2023-32255)
Vulnerability from cvelistv5
Published
2025-08-02 22:25
Modified
2025-08-04 13:21
CWE
  • CWE-772 - Missing Release of Resource after Effective Lifetime
Summary
A flaw was found in the Linux kernel's ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type, potentially leading to resource exhaustion.
Impacted products
Vendor Product Version
Version: 0
Version: 6.0.0
Version: 6.1.0
Version: 6.2.0
Version: 6.3.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32255",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-04T13:20:59.965401Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-04T13:21:07.604Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/",
          "defaultStatus": "unaffected",
          "packageName": "linux",
          "versions": [
            {
              "lessThan": "5.15.111",
              "status": "affected",
              "version": "0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.0.*",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.1.28",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.2.15",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.3.2",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semvar"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-05-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel\u0027s ksmbd component. A memory leak can occur if a client sends a session setup request with an unknown NTLMSSP message type,  potentially leading to resource exhaustion."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-772",
              "description": "Missing Release of Resource after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-02T22:25:45.342Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-32255"
        },
        {
          "name": "RHBZ#2385884",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2385884"
        },
        {
          "url": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=6d7cb549c2ca20e1f07593f15e936fd54b763028"
        },
        {
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-23-703/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-01T00:50:59.446000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-05-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: memory leak via ksmbd session setup request with unknown ntlmssp message type",
      "x_redhatCweChain": "CWE-772: Missing Release of Resource after Effective Lifetime"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-32255",
    "datePublished": "2025-08-02T22:25:45.342Z",
    "dateReserved": "2023-05-05T10:00:07.896Z",
    "dateUpdated": "2025-08-04T13:21:07.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-10963 (GCVE-0-2024-10963)
Vulnerability from cvelistv5
Published
2024-11-07 16:02
Modified
2025-08-01 18:51
CWE
  • CWE-287 - Improper Authentication
Summary
A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals.
References
https://access.redhat.com/errata/RHSA-2024:10232 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10244 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10379 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10518 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10528 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:10852 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-10963 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2324291 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 1.3.1   
Version: 1.5.1   
Version: 1.6.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.3.1-36.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-22.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.5.1-22.el9_5   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.5.1-23.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
    cpe:/o:redhat:rhel_eus:9.4::baseos
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202411261619-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202411261220-0   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift AI 2.16 Unaffected: sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644   < *
    cpe:/a:redhat:openshift_ai:2.16::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-10963",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-07T18:27:30.472908Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-07T18:27:42.452Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/linux-pam/linux-pam/",
          "defaultStatus": "unaffected",
          "packageName": "pam",
          "versions": [
            {
              "status": "affected",
              "version": "1.3.1",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.5.1",
              "versionType": "semver"
            },
            {
              "lessThan": "1.7.0",
              "status": "affected",
              "version": "1.6.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.1-36.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-22.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-22.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.1-23.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202411261619-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "417.94.202411261220-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai:2.16::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhoai/odh-dashboard-rhel8",
          "product": "Red Hat OpenShift AI 2.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:c2a79db6d2ba9c313640149a55f306e8aa4dc36f3cc24bf554c025503b013644",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "pam",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in pam_access, where certain rules in its configuration file are mistakenly treated as hostnames. This vulnerability allows attackers to trick the system by pretending to be a trusted hostname, gaining unauthorized access. This issue poses a risk for systems that rely on this feature to control who can access certain services or terminals."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T18:51:00.282Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10232",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10232"
        },
        {
          "name": "RHSA-2024:10244",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10244"
        },
        {
          "name": "RHSA-2024:10379",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10379"
        },
        {
          "name": "RHSA-2024:10518",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10518"
        },
        {
          "name": "RHSA-2024:10528",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10528"
        },
        {
          "name": "RHSA-2024:10852",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10852"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-10963"
        },
        {
          "name": "RHBZ#2324291",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324291"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-07T07:38:52.548000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-07T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Pam: improper hostname interpretation in pam_access leads to access control bypass",
      "workarounds": [
        {
          "lang": "en",
          "value": "To reduce the risk, administrators should ensure that no DNS hostname matches local TTY or service names used in pam_access. Additionally, implement DNSSEC to prevent spoofing of DNS responses. For stronger protection, consider reconfiguring pam_access to only accept fully qualified domain names (FQDNs) in access.conf"
        }
      ],
      "x_redhatCweChain": "CWE-287: Improper Authentication"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-10963",
    "datePublished": "2024-11-07T16:02:34.873Z",
    "dateReserved": "2024-11-07T07:29:13.250Z",
    "dateUpdated": "2025-08-01T18:51:00.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0622 (GCVE-0-2025-0622)
Vulnerability from cvelistv5
Published
2025-02-18 19:26
Modified
2025-07-25 07:42
CWE
Summary
A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections.
References
https://access.redhat.com/errata/RHSA-2025:6990 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-0622 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2345865 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    2.12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 1:2.06-104.el9_6   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0622",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-18T19:41:48.648607Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-18T19:42:01.129Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:2.06-104.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If correctly exploited, this vulnerability may result in arbitrary code execution, eventually allowing the attacker to bypass secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T07:42:36.844Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:6990",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:6990"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0622"
        },
        {
          "name": "RHBZ#2345865",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345865"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-14T22:20:05.935000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: command/gpg: use-after-free due to hooks not being removed on module unload",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0622",
    "datePublished": "2025-02-18T19:26:13.082Z",
    "dateReserved": "2025-01-21T16:25:15.532Z",
    "dateUpdated": "2025-07-25T07:42:36.844Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5916 (GCVE-0-2025-5916)
Vulnerability from cvelistv5
Published
2025-06-09 19:49
Modified
2025-08-15 18:22
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5916",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-10T14:03:44.628884Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-10T14:05:25.211Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in the libarchive library. This flaw involves an integer overflow that can be triggered when processing a Web Archive (WARC) file that claims to have more than INT64_MAX - 4 content bytes. An attacker could craft a malicious WARC archive to induce this overflow, potentially leading to unpredictable program behavior, memory corruption, or a denial-of-service condition within applications that process such archives using libarchive."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-15T18:22:33.777Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5916"
        },
        {
          "name": "RHBZ#2370872",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370872"
        },
        {
          "url": "https://github.com/libarchive/libarchive/pull/2568"
        },
        {
          "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-06T19:10:04.612000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libarchive: integer overflow while reading warc files at archive_read_support_format_warc.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5916",
    "datePublished": "2025-06-09T19:49:07.620Z",
    "dateReserved": "2025-06-09T08:10:51.733Z",
    "dateUpdated": "2025-08-15T18:22:33.777Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-0684 (GCVE-0-2025-0684)
Vulnerability from cvelistv5
Published
2025-03-03 17:14
Modified
2025-07-28 17:34
CWE
Summary
A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub's reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with a overflown length parameter, leading to a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub's internal critical data and can result in arbitrary code execution, by-passing secure boot protections.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-0684",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T16:14:33.211120Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T16:14:41.428Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When performing a symlink lookup from a reiserfs filesystem, grub\u0027s reiserfs fs module uses user-controlled parameters from the filesystem geometry to determine the internal buffer size, however, it improperly checks for integer overflows. A maliciouly crafted filesystem may lead some of those buffer size calculations to overflow, causing it to perform a grub_malloc() operation with a smaller size than expected. As a result, the grub_reiserfs_read_symlink() will call grub_reiserfs_read_real() with a overflown length parameter, leading to a heap based out-of-bounds write during data reading. This flaw may be leveraged to corrupt grub\u0027s internal critical data and can result in arbitrary code execution, by-passing secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.4,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T17:34:59.604Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-0684"
        },
        {
          "name": "RHBZ#2346119",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2346119"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-17T15:12:50.927000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: reiserfs: integer overflow when handling symlinks may lead to heap based out-of-bounds write when reading data",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-787: Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-0684",
    "datePublished": "2025-03-03T17:14:07.911Z",
    "dateReserved": "2025-01-23T19:05:34.260Z",
    "dateUpdated": "2025-07-28T17:34:59.604Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32049 (GCVE-0-2025-32049)
Vulnerability from cvelistv5
Published
2025-04-03 13:36
Modified
2025-07-29 07:19
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS).
References
https://access.redhat.com/errata/RHSA-2025:8126 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8128 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8132 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8139 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8140 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8252 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8480 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8481 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8482 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8663 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32049 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2357066 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0    3.6.4
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0.6   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-9.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.5   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
    cpe:/o:redhat:rhel_aus:8.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.5   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_aus:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.5   < *
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.5   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.5   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.5   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.5   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32049",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:58:16.040953Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:58:32.619Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThanOrEqual": "3.6.4",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-9.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream",
            "cpe:/o:redhat:rhel_aus:8.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_aus:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. The SoupWebsocketConnection may accept a large WebSocket message, which may cause libsoup to allocate memory and lead to a denial of service (DoS)."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:19:33.157Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:8126",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8126"
        },
        {
          "name": "RHSA-2025:8128",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8128"
        },
        {
          "name": "RHSA-2025:8132",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8132"
        },
        {
          "name": "RHSA-2025:8139",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8139"
        },
        {
          "name": "RHSA-2025:8140",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8140"
        },
        {
          "name": "RHSA-2025:8252",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8252"
        },
        {
          "name": "RHSA-2025:8480",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8480"
        },
        {
          "name": "RHSA-2025:8481",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8481"
        },
        {
          "name": "RHSA-2025:8482",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8482"
        },
        {
          "name": "RHSA-2025:8663",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8663"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32049"
        },
        {
          "name": "RHBZ#2357066",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357066"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:16:46.830000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: denial of service attack to websocket server",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32049",
    "datePublished": "2025-04-03T13:36:13.035Z",
    "dateReserved": "2025-04-03T01:42:14.134Z",
    "dateUpdated": "2025-07-29T07:19:33.157Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4373 (GCVE-0-2025-4373)
Vulnerability from cvelistv5
Published
2025-05-06 14:48
Modified
2025-08-07 09:03
CWE
  • CWE-124 - Buffer Underwrite ('Buffer Underflow')
Summary
A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite.
References
https://access.redhat.com/errata/RHSA-2025:10855 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11140 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11327 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11373 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:11662 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:12275 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:13335 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-4373 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2364265 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/glib/-/issues/3677
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:2.80.4-4.el10_0.6   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.56.4-166.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.68.4-16.el9_6.2   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.68.4-16.el9_6.2   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.68.4-5.el9_0.2   < *
    cpe:/o:redhat:rhel_e4s:9.0::baseos
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.68.4-7.el9_2.2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
    cpe:/o:redhat:rhel_e4s:9.2::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.68.4-14.el9_4.3   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::crb
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Insights proxy 1.5 Unaffected: sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d   < *
    cpe:/a:redhat:insights_proxy:1.5::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:a891aa3f77d70d9d7966dfc71ff9087f45deb95d3025072da96a3ec5220db1f3   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:3b00e2fec645e140fa304e5823bcb1d0fcd1ddac7f4cbf6e9a9c0fbeaf29682d   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:addf7b49ce99777a3bbf12c2e6678b604f3cfaf91feaaeb4192d75e902e46458   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:caadc05a8195f41d48d502458183cef05a1011c6edee343ac212b873ae98c763   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:b91fe4769ad1e0cf809e3db4d494a5526608b2fa2114fc5e28624372858bb203   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:1784f71c94bd42380b88033411db9bb912ad2f321a8a6d8d7c49e029263ef714   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:be3feca3b19ac609e5ef829887b6d03ca3c504163ed0f9e10b2410cdfb175b72   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:03f040cf94f7d8125f2e68bde45faa956dc9e70fef6307313e42af5de9bbfda0   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift distributed tracing 3.6.1 Unaffected: sha256:b29bd499f9889e6de6728e4f8e5d18bf59ed8bd46c6fb598bf6fee150bf49449   < *
    cpe:/a:redhat:openshift_distributed_tracing:3.6::el8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4373",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-06T15:09:21.791020Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-06T15:09:46.724Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/glib",
          "defaultStatus": "unaffected",
          "packageName": "glib",
          "versions": [
            {
              "lessThan": "2.84.2",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.80.4-4.el10_0.6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.56.4-166.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.68.4-16.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.68.4-16.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:9.0::baseos",
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.68.4-5.el9_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream",
            "cpe:/o:redhat:rhel_e4s:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.68.4-7.el9_2.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.68.4-14.el9_4.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:insights_proxy:1.5::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/insights-proxy/insights-proxy-container-rhel9",
          "product": "Red Hat Insights proxy 1.5",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:e54a5a5f9d69dd6a03e2bcd845e2202910a188d266d4a79b12c387ceffc36f2d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-agent-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:a891aa3f77d70d9d7966dfc71ff9087f45deb95d3025072da96a3ec5220db1f3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-all-in-one-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:3b00e2fec645e140fa304e5823bcb1d0fcd1ddac7f4cbf6e9a9c0fbeaf29682d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-collector-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:addf7b49ce99777a3bbf12c2e6678b604f3cfaf91feaaeb4192d75e902e46458",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-es-index-cleaner-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:caadc05a8195f41d48d502458183cef05a1011c6edee343ac212b873ae98c763",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-es-rollover-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:b91fe4769ad1e0cf809e3db4d494a5526608b2fa2114fc5e28624372858bb203",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-ingester-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:1784f71c94bd42380b88033411db9bb912ad2f321a8a6d8d7c49e029263ef714",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-operator-bundle",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:be3feca3b19ac609e5ef829887b6d03ca3c504163ed0f9e10b2410cdfb175b72",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-query-rhel8",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:03f040cf94f7d8125f2e68bde45faa956dc9e70fef6307313e42af5de9bbfda0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift_distributed_tracing:3.6::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/rhosdt/jaeger-rhel8-operator",
          "product": "Red Hat OpenShift distributed tracing 3.6.1",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:b29bd499f9889e6de6728e4f8e5d18bf59ed8bd46c6fb598bf6fee150bf49449",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glycin-loaders",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "loupe",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib, which is vulnerable to an integer overflow in the g_string_insert_unichar() function. When the position at which to insert the character is large, the position will overflow, leading to a buffer underwrite."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-124",
              "description": "Buffer Underwrite (\u0027Buffer Underflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-07T09:03:11.696Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10855",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10855"
        },
        {
          "name": "RHSA-2025:11140",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11140"
        },
        {
          "name": "RHSA-2025:11327",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11327"
        },
        {
          "name": "RHSA-2025:11373",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11373"
        },
        {
          "name": "RHSA-2025:11374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11374"
        },
        {
          "name": "RHSA-2025:11662",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:11662"
        },
        {
          "name": "RHSA-2025:12275",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:12275"
        },
        {
          "name": "RHSA-2025:13335",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:13335"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4373"
        },
        {
          "name": "RHBZ#2364265",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364265"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/glib/-/issues/3677"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-06T00:33:30.003000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-06T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Glib: buffer underflow on glib through glib/gstring.c via function g_string_insert_unichar",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-124: Buffer Underwrite (\u0027Buffer Underflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4373",
    "datePublished": "2025-05-06T14:48:39.264Z",
    "dateReserved": "2025-05-06T00:35:29.069Z",
    "dateUpdated": "2025-08-07T09:03:11.696Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32989 (GCVE-0-2025-32989)
Vulnerability from cvelistv5
Published
2025-07-10 08:05
Modified
2025-07-25 18:59
CWE
  • CWE-295 - Improper Certificate Validation
Summary
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32989",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T20:04:51.314429Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T20:06:49.983Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnutls.org/",
          "defaultStatus": "unaffected",
          "packageName": "libgnutls",
          "versions": [
            {
              "lessThan": "3.8.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-07-10T07:54:13.541Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T18:59:40.181Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32989"
        },
        {
          "name": "RHBZ#2359621",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359621"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-15T01:21:36.512000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T07:54:13.541000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: vulnerability in gnutls sct extension parsing",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-295: Improper Certificate Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32989",
    "datePublished": "2025-07-10T08:05:26.307Z",
    "dateReserved": "2025-04-15T01:31:12.104Z",
    "dateUpdated": "2025-07-25T18:59:40.181Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32988 (GCVE-0-2025-32988)
Vulnerability from cvelistv5
Published
2025-07-10 08:04
Modified
2025-07-25 18:59
CWE
Summary
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32988",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-10T20:04:19.060060Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-10T20:04:30.284Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnutls.org/",
          "defaultStatus": "unaffected",
          "packageName": "libgnutls",
          "versions": [
            {
              "lessThan": "3.8.10",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-07-10T07:55:14.310Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.\n\nThis vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-415",
              "description": "Double Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T18:59:24.273Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32988"
        },
        {
          "name": "RHBZ#2359622",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359622"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-15T01:21:36.833000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-10T07:55:14.310000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: vulnerability in gnutls othername san export",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-415: Double Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32988",
    "datePublished": "2025-07-10T08:04:57.991Z",
    "dateReserved": "2025-04-15T01:31:12.104Z",
    "dateUpdated": "2025-07-25T18:59:24.273Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-32253 (GCVE-0-2023-32253)
Vulnerability from cvelistv5
Published
2025-08-02 22:26
Modified
2025-08-04 13:20
CWE
  • CWE-413 - Improper Resource Locking
Summary
A flaw was found in the Linux kernel's ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service.
References
Impacted products
Vendor Product Version
Version: 0
Version: 6.0.0
Version: 6.1.0
Version: 6.2.0
Version: 6.3.0
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-32253",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-04T13:20:02.626246Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-04T13:20:08.833Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/",
          "defaultStatus": "unaffected",
          "packageName": "linux",
          "versions": [
            {
              "lessThan": "5.15.112",
              "status": "affected",
              "version": "0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.0.*",
              "status": "affected",
              "version": "6.0.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.1.28",
              "status": "affected",
              "version": "6.1.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.2.15",
              "status": "affected",
              "version": "6.2.0",
              "versionType": "semvar"
            },
            {
              "lessThan": "6.3.2",
              "status": "affected",
              "version": "6.3.0",
              "versionType": "semvar"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-05-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Linux kernel\u0027s ksmbd component. A deadlock is triggered by sending multiple concurrent session setup requests, possibly leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-413",
              "description": "Improper Resource Locking",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-02T22:26:05.080Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-32253"
        },
        {
          "name": "RHBZ#2385886",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2385886"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-08-01T01:15:24.111000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-05-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Kernel: deadlock in ksmbd_find_crypto_ctx()",
      "x_redhatCweChain": "CWE-413: Improper Resource Locking"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-32253",
    "datePublished": "2025-08-02T22:26:05.080Z",
    "dateReserved": "2023-05-05T10:00:07.895Z",
    "dateUpdated": "2025-08-04T13:20:08.833Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-49393 (GCVE-0-2024-49393)
Vulnerability from cvelistv5
Published
2024-11-12 01:55
Modified
2025-07-16 11:46
CWE
  • CWE-347 - Improper Verification of Cryptographic Signature
Summary
In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-49393",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-12T14:25:28.066562Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-12T14:25:48.550Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/muttmua/mutt",
          "defaultStatus": "affected",
          "packageName": "mutt"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mutt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-11-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-16T11:46:14.309Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-49393"
        },
        {
          "name": "RHBZ#2325317",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325317"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-11T19:41:40.191000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-11T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Mutt: neomutt: to and cc email header fields are not protected by cryptographic signing",
      "x_redhatCweChain": "CWE-347: Improper Verification of Cryptographic Signature"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-49393",
    "datePublished": "2024-11-12T01:55:40.765Z",
    "dateReserved": "2024-10-14T17:56:03.767Z",
    "dateUpdated": "2025-07-16T11:46:14.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52336 (GCVE-0-2024-52336)
Vulnerability from cvelistv5
Published
2024-11-26 15:21
Modified
2025-08-01 15:03
CWE
  • CWE-269 - Improper Privilege Management
Summary
A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with `script_pre` or `script_post` options that permit arbitrary scripts with their absolute paths to be passed. These user or attacker-controlled executable scripts or programs could then be executed by Tuned with root privileges that could allow attackers to local privilege escalation.
Impacted products
Vendor Product Version
Version: 2.23.0   
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:2.24.0-2.1.20240819gitc082797f.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:2.24.0-2.1.20240819gitc082797f.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.24.0-2.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::nfv
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::realtime
    cpe:/a:redhat:enterprise_linux:9::sap_hana
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::sap
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.24.0-2.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::nfv
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::realtime
    cpe:/a:redhat:enterprise_linux:9::sap_hana
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::sap
Create a notification for this product.
   Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52336",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-26T16:22:02.290977Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T16:22:12.371Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-29T04:32:53.450Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.openwall.com/lists/oss-security/2024/11/28/2"
          },
          {
            "url": "https://security.opensuse.org/2024/11/26/tuned-instance-create.html"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/redhat-performance/tuned",
          "defaultStatus": "unaffected",
          "packageName": "tuned",
          "versions": [
            {
              "lessThan": "2.24.1",
              "status": "affected",
              "version": "2.23.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Fast Datapath for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.1.20240819gitc082797f.el8fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Fast Datapath for Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.1.20240819gitc082797f.el9fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::sap_hana",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::sap"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::sap_hana",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::sap"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tuned",
          "product": "Fast Datapath for RHEL 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matthias Gerstner (SUSE Security Team) for reporting this issue."
        }
      ],
      "datePublic": "2024-11-26T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A script injection vulnerability was identified in the Tuned package. The `instance_create()` D-Bus function can be called by locally logged-in users without authentication. This flaw allows a local non-privileged user to execute a D-Bus call with `script_pre` or `script_post` options that permit arbitrary scripts with their absolute paths to be passed. These user or attacker-controlled executable scripts or programs could then be executed by Tuned with root privileges that could allow attackers to local privilege escalation."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T15:03:04.451Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10384",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10384"
        },
        {
          "name": "RHSA-2025:0879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0879"
        },
        {
          "name": "RHSA-2025:0880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0880"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-52336"
        },
        {
          "name": "RHBZ#2324540",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324540"
        },
        {
          "url": "https://security.opensuse.org/2024/11/26/tuned-instance-create.html"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/11/28/1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-08T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-26T12:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Tuned: `script_pre` and `script_post` options allow to pass arbitrary scripts executed by root",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-269: Improper Privilege Management"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-52336",
    "datePublished": "2024-11-26T15:21:13.518Z",
    "dateReserved": "2024-11-08T13:09:39.004Z",
    "dateUpdated": "2025-08-01T15:03:04.451Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-26466 (GCVE-0-2025-26466)
Vulnerability from cvelistv5
Published
2025-02-28 21:25
Modified
2025-07-25 07:44
CWE
  • CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-03-05T03:48:43.236Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20250228-0002/"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/02/18/1"
          },
          {
            "url": "https://www.openwall.com/lists/oss-security/2025/02/18/4"
          },
          {
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1237041"
          },
          {
            "url": "https://security-tracker.debian.org/tracker/CVE-2025-26466"
          },
          {
            "url": "https://ubuntu.com/security/CVE-2025-26466"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-26466",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-04T19:51:35.555196Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-04T19:51:39.308Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.9p1",
              "status": "affected",
              "version": "9.5p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T07:44:40.029Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-26466"
        },
        {
          "name": "RHBZ#2345043",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345043"
        },
        {
          "url": "https://seclists.org/oss-sec/2025/q1/144"
        },
        {
          "url": "https://www.qualys.com/2025/02/18/openssh-mitm-dos.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-11T19:51:30.375000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openssh: denial-of-service in openssh",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue can be mitigated by setting the following three different options in the sshd configuration file located at: /etc/ssh/sshd_config\n\nMaxStartups: Set to a reasonable value, this option controls the maximum number of concurrent unauthenticated connections the SSH server accepts;\n\nPerSourcePenalties: Set its suboptions to a reasonable value, this option is used to help sshd to detect and drop connections that are potentially malicious for the SSH server;\n\nLoginGraceTime: Set to a resonable value, this option controls how much time the SSH server will wait the client to authenticate before dropping its connection;\n\nAll the three option above needs to be set to implement a full mitigation for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-770: Allocation of Resources Without Limits or Throttling"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-26466",
    "datePublished": "2025-02-28T21:25:28.861Z",
    "dateReserved": "2025-02-10T18:31:47.979Z",
    "dateUpdated": "2025-07-25T07:44:40.029Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3891 (GCVE-0-2025-3891)
Vulnerability from cvelistv5
Published
2025-04-29 11:56
Modified
2025-08-06 04:55
CWE
Summary
A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability.
Impacted products
Vendor Product Version
Version: 2.0.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020250426100353.489197e6   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 8020020250612174445.4cda2c84   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 8040020250618101351.522a0ee4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020250617090503.ad008a3a   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020250617090503.ad008a3a   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020250617090503.ad008a3a   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 8080020250617090716.63b34585   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 8080020250617090716.63b34585   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.4.10-1.el9_6.2   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.4.9.4-1.el9_0.3   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:2.4.9.4-1.el9_2.3   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.4.9.4-4.el9_4.2   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3891",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-29T13:28:13.900026Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-29T13:28:56.905Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-08T11:02:57.903Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/05/msg00007.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenIDC/mod_auth_openidc",
          "defaultStatus": "unaffected",
          "packageName": "mod_auth_openidc",
          "versions": [
            {
              "lessThan": "2.4.13.1",
              "status": "affected",
              "version": "2.0.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020250426100353.489197e6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8020020250612174445.4cda2c84",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8040020250618101351.522a0ee4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250617090503.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250617090503.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250617090503.ad008a3a",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250617090716.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc:2.3",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250617090716.63b34585",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.10-1.el9_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.9.4-1.el9_0.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.9.4-1.el9_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.9.4-4.el9_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mod_auth_openidc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "mod_auth_openidc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-29T11:37:07.680Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-248",
              "description": "Uncaught Exception",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T04:55:01.988Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10002",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10002"
        },
        {
          "name": "RHSA-2025:10003",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10003"
        },
        {
          "name": "RHSA-2025:10004",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10004"
        },
        {
          "name": "RHSA-2025:10006",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10006"
        },
        {
          "name": "RHSA-2025:10007",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10007"
        },
        {
          "name": "RHSA-2025:10008",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10008"
        },
        {
          "name": "RHSA-2025:10010",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10010"
        },
        {
          "name": "RHSA-2025:4597",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4597"
        },
        {
          "name": "RHSA-2025:9396",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9396"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-3891"
        },
        {
          "name": "RHBZ#2361633",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361633"
        },
        {
          "url": "https://github.com/OpenIDC/mod_auth_openidc/commit/6a0b5f66c87184dfe0e4400f6bdd46a82dc0ec2b"
        },
        {
          "url": "https://github.com/OpenIDC/mod_auth_openidc/security/advisories/GHSA-x7cf-8wgv-5j86"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-22T11:16:32.159000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-29T11:37:07.680000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled",
      "x_redhatCweChain": "CWE-248: Uncaught Exception"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-3891",
    "datePublished": "2025-04-29T11:56:50.808Z",
    "dateReserved": "2025-04-23T06:53:53.124Z",
    "dateUpdated": "2025-08-06T04:55:01.988Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11218 (GCVE-0-2024-11218)
Vulnerability from cvelistv5
Published
2025-01-22 04:55
Modified
2025-08-06 04:53
CWE
  • CWE-269 - Improper Privilege Management
Summary
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
References
https://access.redhat.com/errata/RHSA-2025:0830 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0878 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0922 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0923 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1186 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1187 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1188 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1189 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1207 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1275 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1295 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1296 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1372 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1453 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1707 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1713 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1908 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1910 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1914 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2441 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2443 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2456 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2701 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2703 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2710 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2712 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3577 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3798 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11218 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2326231 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Version: 1.35.0   
Version: 1.37.0   
Version: 1.38.0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020250124120243.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020250203202123.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020250203202123.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020250203202123.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020250207173112.0f77c1b7   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-13.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.6-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 2:4.2.0-6.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 1:1.26.9-1.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:1.29.5-1.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:4.4.1-22.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:1.33.12-2.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 4:4.9.4-17.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 412.86.202503052321-0   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: 3:4.4.1-9.rhaos4.12.el8   < *
    cpe:/a:redhat:openshift:4.12::el8
    cpe:/a:redhat:openshift:4.12::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 1:1.29.5-1.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-16.rhaos4.13.el8   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202503112237-0   < *
    cpe:/a:redhat:openshift:4.13::el9
    cpe:/a:redhat:openshift:4.13::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-22.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 1:1.29.5-1.rhaos4.14.el9   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202503100617-0   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-33.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 1:1.29.5-1.rhaos4.15.el9   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202503060749-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-15.rhaos4.16.el9   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift_ironic:4.16::el9
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 2:1.33.12-1.rhaos4.16.el9   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202502180249-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-2.rhaos4.17.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 2:1.33.12-1.rhaos4.17.el8   < *
    cpe:/a:redhat:openshift:4.17::el9
    cpe:/a:redhat:openshift:4.17::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 417.94.202504080421-0   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 2:1.33.12-1.rhaos4.18.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
    cpe:/a:redhat:openshift:4.18::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: 418.94.202504021150-0   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11218",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-22T14:11:18.056703Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T17:08:25.061Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/buildah",
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "versions": [
            {
              "lessThan": "1.33.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.35.5",
              "status": "affected",
              "version": "1.35.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.37.6",
              "status": "affected",
              "version": "1.37.0",
              "versionType": "semver"
            },
            {
              "lessThan": "1.38.1",
              "status": "affected",
              "version": "1.38.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020250124120243.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250203202123.3b538bd8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250203202123.3b538bd8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250203202123.3b538bd8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020250207173112.0f77c1b7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:5.2.2-13.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.6-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:4.2.0-6.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.26.9-1.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.5-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:4.4.1-22.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.12-2.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-17.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8",
            "cpe:/a:redhat:openshift:4.12::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "412.86.202503052321-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el8",
            "cpe:/a:redhat:openshift:4.12::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-9.rhaos4.12.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.5-1.rhaos4.13.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-16.rhaos4.13.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el9",
            "cpe:/a:redhat:openshift:4.13::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202503112237-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-22.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.5-1.rhaos4.14.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202503100617-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-33.rhaos4.15.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.5-1.rhaos4.15.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202503060749-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift_ironic:4.16::el9",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-15.rhaos4.16.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.12-1.rhaos4.16.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202502180249-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9",
            "cpe:/a:redhat:openshift:4.17::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.2.2-2.rhaos4.17.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9",
            "cpe:/a:redhat:openshift:4.17::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.12-1.rhaos4.17.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "417.94.202504080421-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9",
            "cpe:/a:redhat:openshift:4.18::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.12-1.rhaos4.18.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "418.94.202504021150-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-01-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-269",
              "description": "Improper Privilege Management",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T04:53:58.659Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:0830",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0830"
        },
        {
          "name": "RHSA-2025:0878",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0878"
        },
        {
          "name": "RHSA-2025:0922",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0922"
        },
        {
          "name": "RHSA-2025:0923",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0923"
        },
        {
          "name": "RHSA-2025:1186",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1186"
        },
        {
          "name": "RHSA-2025:1187",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1187"
        },
        {
          "name": "RHSA-2025:1188",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1188"
        },
        {
          "name": "RHSA-2025:1189",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1189"
        },
        {
          "name": "RHSA-2025:1207",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1207"
        },
        {
          "name": "RHSA-2025:1275",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1275"
        },
        {
          "name": "RHSA-2025:1295",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1295"
        },
        {
          "name": "RHSA-2025:1296",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1296"
        },
        {
          "name": "RHSA-2025:1372",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1372"
        },
        {
          "name": "RHSA-2025:1453",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1453"
        },
        {
          "name": "RHSA-2025:1707",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1707"
        },
        {
          "name": "RHSA-2025:1713",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1713"
        },
        {
          "name": "RHSA-2025:1908",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1908"
        },
        {
          "name": "RHSA-2025:1910",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1910"
        },
        {
          "name": "RHSA-2025:1914",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1914"
        },
        {
          "name": "RHSA-2025:2441",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2441"
        },
        {
          "name": "RHSA-2025:2443",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2443"
        },
        {
          "name": "RHSA-2025:2454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2454"
        },
        {
          "name": "RHSA-2025:2456",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2456"
        },
        {
          "name": "RHSA-2025:2701",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2701"
        },
        {
          "name": "RHSA-2025:2703",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2703"
        },
        {
          "name": "RHSA-2025:2710",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2710"
        },
        {
          "name": "RHSA-2025:2712",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2712"
        },
        {
          "name": "RHSA-2025:3577",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3577"
        },
        {
          "name": "RHSA-2025:3798",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3798"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-11218"
        },
        {
          "name": "RHBZ#2326231",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2326231"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-14T13:05:29.849000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Podman: buildah: container breakout by using --jobs=2 and a race condition when building a malicious containerfile",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mandatory access controls should limit the access of the process performing the build, on systems where they are enabled.\n\nSELinux enforces strict access controls by confining the build process (e.g., Podman) to specific domains like container_t. This prevents unauthorized access to sensitive host files and directories, even if a malicious Containerfile tries to exploit the --mount flag."
        }
      ],
      "x_redhatCweChain": "CWE-269: Improper Privilege Management"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-11218",
    "datePublished": "2025-01-22T04:55:30.649Z",
    "dateReserved": "2024-11-14T13:11:49.476Z",
    "dateUpdated": "2025-08-06T04:53:58.659Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-28834 (GCVE-0-2024-28834)
Vulnerability from cvelistv5
Published
2024-03-21 13:29
Modified
2025-05-21 15:18
CWE
  • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Summary
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Impacted products
Vendor Product Version
Version: 3.7.6-23
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.6.16-8.el8_9.3   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.6.16-8.el8_9.3   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Unaffected: 0:3.6.16-5.el8_6.4   < *
    cpe:/a:redhat:rhel_eus:8.6::appstream
    cpe:/o:redhat:rhel_eus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:3.6.16-7.el8_8.3   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.7.6-23.el9_3.4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.8.3-4.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.7.6-23.el9_3.4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.8.3-4.el9_4   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:3.7.6-21.el9_2.3   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-28834",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-21T18:20:34.669036Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:15.410Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:56:58.323Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/22/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/03/22/2"
          },
          {
            "name": "RHSA-2024:1784",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1784"
          },
          {
            "name": "RHSA-2024:1879",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1879"
          },
          {
            "name": "RHSA-2024:1997",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:1997"
          },
          {
            "name": "RHSA-2024:2044",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2044"
          },
          {
            "name": "RHSA-2024:2570",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2570"
          },
          {
            "name": "RHSA-2024:2889",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:2889"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-28834"
          },
          {
            "name": "RHBZ#2269228",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://minerva.crocs.fi.muni.cz/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://people.redhat.com/~hkario/marvin/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240524-0004/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/gnutls/gnutls/",
          "defaultStatus": "unaffected",
          "packageName": "gnutls",
          "versions": [
            {
              "status": "affected",
              "version": "3.7.6-23"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_9.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-8.el8_9.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.6::appstream",
            "cpe:/o:redhat:rhel_eus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-5.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.16-7.el8_8.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-23.el9_3.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-23.el9_3.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.8.3-4.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.7.6-21.el9_2.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gnutls",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-03-21T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-327",
              "description": "Use of a Broken or Risky Cryptographic Algorithm",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-05-21T15:18:33.377Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:1784",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1784"
        },
        {
          "name": "RHSA-2024:1879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1879"
        },
        {
          "name": "RHSA-2024:1997",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:1997"
        },
        {
          "name": "RHSA-2024:2044",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2044"
        },
        {
          "name": "RHSA-2024:2570",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2570"
        },
        {
          "name": "RHSA-2024:2889",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:2889"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-28834"
        },
        {
          "name": "RHBZ#2269228",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228"
        },
        {
          "url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html"
        },
        {
          "url": "https://minerva.crocs.fi.muni.cz/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-11T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-21T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnutls: vulnerable to minerva side-channel information leak",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-28834",
    "datePublished": "2024-03-21T13:29:11.532Z",
    "dateReserved": "2024-03-11T14:43:43.973Z",
    "dateUpdated": "2025-05-21T15:18:33.377Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3657 (GCVE-0-2024-3657)
Vulnerability from cvelistv5
Published
2024-05-28 12:53
Modified
2025-07-23 11:53
CWE
  • CWE-20 - Improper Input Validation
Summary
A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service
References
https://access.redhat.com/errata/RHSA-2024:3591 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:3837 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4092 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4209 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4210 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4235 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:4633 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:5690 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:6576 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:7458 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:1632 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-3657 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2274401 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Directory Server 11.5 E4S for RHEL 8 Unaffected: 8060020250210084424.0ca98e7e   < *
    cpe:/a:redhat:directory_server_e4s:11.5::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 11.7 for RHEL 8 Unaffected: 8080020240909040333.f969626e   < *
    cpe:/a:redhat:directory_server:11.7::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 11.8 for RHEL 8 Unaffected: 8090020240606122459.91529cd0   < *
    cpe:/a:redhat:directory_server:11.8::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 11.9 for RHEL 8 Unaffected: 8100020240604161237.37ed7c03   < *
    cpe:/a:redhat:directory_server:11.9::el8
Create a notification for this product.
   Red Hat Red Hat Directory Server 12.2 EUS for RHEL 9 Unaffected: 9020020240916150035.1674d574   < *
    cpe:/a:redhat:directory_server_eus:12.2::el9
Create a notification for this product.
   Red Hat Red Hat Directory Server 12.4 for RHEL 9 Unaffected: 9040020240604143706.1674d574   < *
    cpe:/a:redhat:directory_server:12.4::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Unaffected: 0:1.3.11.1-5.el7_9   < *
    cpe:/o:redhat:enterprise_linux:7::client
    cpe:/o:redhat:enterprise_linux:7::workstation
    cpe:/o:redhat:enterprise_linux:7::computenode
    cpe:/o:redhat:enterprise_linux:7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020240613122040.25e700aa   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020240807050952.6dbb3803   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.4.5-8.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.2.4-9.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3657",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-05T20:48:33.613730Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-05T20:49:13.347Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T20:20:00.332Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:3591",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3591"
          },
          {
            "name": "RHSA-2024:3837",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3837"
          },
          {
            "name": "RHSA-2024:4092",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4092"
          },
          {
            "name": "RHSA-2024:4209",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4209"
          },
          {
            "name": "RHSA-2024:4210",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4210"
          },
          {
            "name": "RHSA-2024:4235",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4235"
          },
          {
            "name": "RHSA-2024:4633",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4633"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-3657"
          },
          {
            "name": "RHBZ#2274401",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server_e4s:11.5::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.5 E4S for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020250210084424.0ca98e7e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11.7::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.7 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240909040333.f969626e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11.8::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.8 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8090020240606122459.91529cd0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11.9::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11",
          "product": "Red Hat Directory Server 11.9 for RHEL 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240604161237.37ed7c03",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server_eus:12.2::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12",
          "product": "Red Hat Directory Server 12.2 EUS for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9020020240916150035.1674d574",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12.4::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12",
          "product": "Red Hat Directory Server 12.4 for RHEL 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "9040020240604143706.1674d574",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::client",
            "cpe:/o:redhat:enterprise_linux:7::workstation",
            "cpe:/o:redhat:enterprise_linux:7::computenode",
            "cpe:/o:redhat:enterprise_linux:7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.11.1-5.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds:1.4",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240613122040.25e700aa",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds:1.4",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020240807050952.6dbb3803",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.5-8.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.2.4-9.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-05-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in 389-ds-base. A specially-crafted LDAP query can potentially cause a failure on the directory server, leading to a denial of service"
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-23T11:53:37.326Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:3591",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3591"
        },
        {
          "name": "RHSA-2024:3837",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3837"
        },
        {
          "name": "RHSA-2024:4092",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4092"
        },
        {
          "name": "RHSA-2024:4209",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4209"
        },
        {
          "name": "RHSA-2024:4210",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4210"
        },
        {
          "name": "RHSA-2024:4235",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4235"
        },
        {
          "name": "RHSA-2024:4633",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4633"
        },
        {
          "name": "RHSA-2024:5690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:5690"
        },
        {
          "name": "RHSA-2024:6576",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6576"
        },
        {
          "name": "RHSA-2024:7458",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7458"
        },
        {
          "name": "RHSA-2025:1632",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1632"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3657"
        },
        {
          "name": "RHBZ#2274401",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2274401"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-04-10T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-05-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "389-ds-base: potential denial of service via specially crafted kerberos as-req request",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3657",
    "datePublished": "2024-05-28T12:53:03.399Z",
    "dateReserved": "2024-04-11T14:21:25.571Z",
    "dateUpdated": "2025-07-23T11:53:37.326Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8418 (GCVE-0-2024-8418)
Vulnerability from cvelistv5
Published
2024-09-04 14:24
Modified
2025-07-24 13:14
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Summary
A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime.
Impacted products
Vendor Product Version
Version: 1.12.0   
Version: 1.12.1   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.14.0-1.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8418",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T15:21:26.948674Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T15:21:37.784Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/aardvark-dns/",
          "defaultStatus": "unaffected",
          "packageName": "containers/aardvark-dns",
          "versions": [
            {
              "status": "affected",
              "version": "1.12.0",
              "versionType": "semver"
            },
            {
              "status": "affected",
              "version": "1.12.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "aardvark-dns",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.14.0-1.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "aardvark-dns",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:rhel8/aardvark-dns",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:rhel8/containers-common",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "containers-common",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-04T10:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Aardvark-dns, which is vulnerable to a Denial of Service attack due to the serial processing of TCP DNS queries. An attacker can exploit this flaw by keeping a TCP connection open indefinitely, causing the server to become unresponsive and resulting in other DNS queries timing out. This issue prevents legitimate users from accessing DNS services, thereby disrupting normal operations and causing service downtime."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-24T13:14:19.951Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7094",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7094"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8418"
        },
        {
          "name": "RHBZ#2309683",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309683"
        },
        {
          "url": "https://github.com/containers/aardvark-dns/issues/500"
        },
        {
          "url": "https://github.com/containers/aardvark-dns/pull/503"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-03T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-04T10:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Containers/aardvark-dns: tcp query handling flaw in aardvark-dns leading to denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "It is advised to upgrade aardvark-dns to version 1.12.1 or higher."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8418",
    "datePublished": "2024-09-04T14:24:03.276Z",
    "dateReserved": "2024-09-04T10:38:07.126Z",
    "dateUpdated": "2025-07-24T13:14:19.951Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3416 (GCVE-0-2025-3416)
Vulnerability from cvelistv5
Published
2025-04-08 18:24
Modified
2025-07-28 13:41
CWE
Summary
A flaw was found in OpenSSL's handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string.
Impacted products
Vendor Product Version
Version: 0.10.39   
Create a notification for this product.
   Red Hat Red Hat Directory Server 11     cpe:/a:redhat:directory_server:11
Create a notification for this product.
   Red Hat Red Hat Directory Server 12     cpe:/a:redhat:directory_server:12
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3416",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-08T19:02:06.643346Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-08T19:02:13.881Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/sfackler/rust-openssl",
          "defaultStatus": "unaffected",
          "packageName": "rust-openssl",
          "versions": [
            {
              "lessThan": "0.10.72",
              "status": "affected",
              "version": "0.10.39",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:11/389-ds-base",
          "product": "Red Hat Directory Server 11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12"
          ],
          "defaultStatus": "affected",
          "packageName": "redhat-ds:12/389-ds-base",
          "product": "Red Hat Directory Server 12",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gjs",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "openssl",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds:1.4/389-ds-base",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-openssl",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mozjs60",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "python3.12-cryptography",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "firefox:flatpak/firefox",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gjs",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "keylime-agent-rust",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "polkit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "python3.12-cryptography",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "rust-bootupd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "kata-containers",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuffer-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuftool-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtpa/rhtpa-trustification-service-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-04T20:31:08.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in OpenSSL\u0027s handling of the properties argument in certain functions. This vulnerability can allow use-after-free exploitation, which may result in undefined behavior or incorrect property parsing, leading to OpenSSL treating the input as an empty string."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-416",
              "description": "Use After Free",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T13:41:51.829Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-3416"
        },
        {
          "name": "RHBZ#2357560",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357560"
        },
        {
          "url": "https://github.com/sfackler/rust-openssl"
        },
        {
          "url": "https://github.com/sfackler/rust-openssl/commit/87085bd67896b7f92e6de35d081f607a334beae4"
        },
        {
          "url": "https://github.com/sfackler/rust-openssl/pull/2390"
        },
        {
          "url": "https://rustsec.org/advisories/RUSTSEC-2025-0022.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-04T21:02:15.898318+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-04T20:31:08+00:00",
          "value": "Made public."
        }
      ],
      "title": "Rust-openssl: rust-openssl use-after-free in `md::fetch` and `cipher::fetch`",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-416: Use After Free"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-3416",
    "datePublished": "2025-04-08T18:24:22.102Z",
    "dateReserved": "2025-04-07T14:33:50.264Z",
    "dateUpdated": "2025-07-28T13:41:51.829Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49176 (GCVE-0-2025-49176)
Vulnerability from cvelistv5
Published
2025-06-17 14:49
Modified
2025-07-15 01:04
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.
References
https://access.redhat.com/errata/RHSA-2025:10258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10342 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10344 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10346 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10347 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10348 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10349 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10350 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10351 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10352 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10355 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10356 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10360 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10370 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10375 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10376 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10377 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10378 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10381 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10410 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9303 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9304 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9305 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9306 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9392 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49176 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369954 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7.7 Advanced Update Support Unaffected: 0:1.8.0-17.el7_7.1   < *
    cpe:/o:redhat:rhel_aus:7.7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-32.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9.2   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-26.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-18.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.15.0-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.14   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.20.6-4.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-31.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-4.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:21.1.3-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.20.11-11.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.15   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:21.1.3-8.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.20.11-18.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.12.0-14.el9_2.12   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:22.1.9-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.20.11-26.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::crb
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.7   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49176",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:58:49.779795Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:59:07.660Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-06-18T18:03:59.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/18/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:04:39.063Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49176"
        },
        {
          "name": "RHBZ#2369954",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T07:10:25.307000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49176",
    "datePublished": "2025-06-17T14:49:49.143Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:04:39.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-12133 (GCVE-0-2024-12133)
Vulnerability from cvelistv5
Published
2025-02-10 15:28
Modified
2025-08-03 11:25
CWE
  • CWE-407 - Inefficient Algorithmic Complexity
Summary
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.13-5.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:4.13-5.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:4.16.0-9.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:4.16.0-9.el9   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:4.16.0-8.el9_4.1   < *
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Discovery 1.14 Unaffected: sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e   < *
    cpe:/a:redhat:discovery:1.14::el9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2025-05-23T13:10:59.480Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/02/06/6"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html"
          },
          {
            "url": "https://security.netapp.com/advisory/ntap-20250523-0003/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-12133",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T16:25:41.090444Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-10T16:26:20.251Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.com/gnutls/libtasn1/",
          "defaultStatus": "unaffected",
          "packageName": "libtasn1",
          "versions": [
            {
              "lessThan": "4.20.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.13-5.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.13-5.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0-9.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0-9.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.16.0-8.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-server-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:discovery:1.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "registry.redhat.io/discovery/discovery-ui-rhel9",
          "product": "Red Hat Discovery 1.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libtasn1",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Bing Shi for reporting this issue."
        }
      ],
      "datePublic": "2025-02-10T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-407",
              "description": "Inefficient Algorithmic Complexity",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T11:25:49.715Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4049",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4049"
        },
        {
          "name": "RHSA-2025:7077",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7077"
        },
        {
          "name": "RHSA-2025:8021",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8021"
        },
        {
          "name": "RHSA-2025:8385",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8385"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-12133"
        },
        {
          "name": "RHBZ#2344611",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344611"
        },
        {
          "url": "https://gitlab.com/gnutls/libtasn1/-/issues/52"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-10T08:14:05.460000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-10T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos",
      "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-12133",
    "datePublished": "2025-02-10T15:28:03.193Z",
    "dateReserved": "2024-12-04T03:13:48.478Z",
    "dateUpdated": "2025-08-03T11:25:49.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4598 (GCVE-0-2025-4598)
Vulnerability from cvelistv5
Published
2025-05-30 13:13
Modified
2025-07-25 04:34
CWE
  • CWE-364 - Signal Handler Race Condition
Summary
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4598",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-30T13:43:28.420360Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-30T13:43:42.405Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-06-05T07:03:23.601Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/05/1"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/05/3"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "systemd",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-29T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original\u0027s privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.\n\nA SUID binary or process has a special type of permission, which allows the process to run with the file owner\u0027s permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original\u0027s SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-25T04:34:12.983Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4598"
        },
        {
          "name": "RHBZ#2369242",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369242"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2025/05/29/3"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-29T19:04:54.578000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-29T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump",
      "workarounds": [
        {
          "lang": "en",
          "value": "This issue can be mitigated by disabling the capability of the system to generate a coredump for SUID binaries. The perform that, the following command can be ran as `root` user:\n\n~~~\necho 0 \u003e /proc/sys/fs/suid_dumpable\n~~~\n\nWhile this mitigates this vulnerability while it\u0027s not possible to update the systemd package, it disables the capability of analyzing crashes for such binaries."
        }
      ],
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4598",
    "datePublished": "2025-05-30T13:13:26.049Z",
    "dateReserved": "2025-05-12T16:33:34.815Z",
    "dateUpdated": "2025-07-25T04:34:12.983Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6170 (GCVE-0-2025-6170)
Vulnerability from cvelistv5
Published
2025-06-16 15:24
Modified
2025-08-12 13:12
CWE
  • CWE-121 - Stack-based Buffer Overflow
Summary
A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6170",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-16T16:05:03.613731Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-16T16:05:15.543Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html",
          "cpes": [
            "cpe:/a:redhat:jboss_core_services:1"
          ],
          "defaultStatus": "affected",
          "packageName": "libxml2",
          "product": "Red Hat JBoss Core Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Ahmed Lekssays for reporting this issue."
        }
      ],
      "datePublic": "2025-06-16T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the interactive shell of the xmllint command-line tool, used for parsing XML files. When a user inputs an overly long command, the program does not check the input size properly, which can cause it to crash. This issue might allow attackers to run harmful code in rare configurations without modern protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 2.5,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-121",
              "description": "Stack-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T13:12:29.632Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6170"
        },
        {
          "name": "RHBZ#2372952",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372952"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-16T05:33:22.955000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-16T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libxml2: stack buffer overflow in xmllint interactive shell command handling",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly recommended to apply the upstream patch once available."
        }
      ],
      "x_redhatCweChain": "CWE-121: Stack-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6170",
    "datePublished": "2025-06-16T15:24:05.410Z",
    "dateReserved": "2025-06-16T05:59:31.739Z",
    "dateUpdated": "2025-08-12T13:12:29.632Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4382 (GCVE-0-2025-4382)
Vulnerability from cvelistv5
Published
2025-05-09 11:59
Modified
2025-07-29 17:44
CWE
  • CWE-306 - Missing Authentication for Critical Function
Summary
A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlying filesystem superblock, GRUB will fail to locate a valid filesystem and enter rescue mode. At this point, the disk is already decrypted, and the decryption key remains loaded in system memory. This scenario may allow an attacker with physical access to access the unencrypted data without any further authentication, thereby compromising data confidentiality. Furthermore, the ability to force this state through filesystem corruption also presents a data integrity concern.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4382",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-09T13:23:09.759013Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-09T13:33:37.385Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-08T23:59:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in systems utilizing LUKS-encrypted disks with GRUB configured for TPM-based auto-decryption. When GRUB is set to automatically decrypt disks using keys stored in the TPM, it reads the decryption key into system memory. If an attacker with physical access can corrupt the underlying filesystem superblock, GRUB will fail to locate a valid filesystem and enter rescue mode. At this point, the disk is already decrypted, and the decryption key remains loaded in system memory. This scenario may allow an attacker with physical access to access the unencrypted data without any further authentication, thereby compromising data confidentiality. Furthermore, the ability to force this state through filesystem corruption also presents a data integrity concern."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-306",
              "description": "Missing Authentication for Critical Function",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T17:44:28.715Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4382"
        },
        {
          "name": "RHBZ#2364416",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2364416"
        },
        {
          "url": "https://gitweb.git.savannah.gnu.org/gitweb/?p=grub.git;a=blobdiff;f=grub-core/kern/rescue_reader.c;h=a71ada8fb7da2eae6ee7135fe234fb1755ca78b0;hp=4259857ba9eea45446bc40ea13c3de4ab1b88ffd;hb=c448f511e74cb7c776b314fcb7943f98d3f22b6d;hpb=4abac0ad5a7914dd3cdfff08aaac06588bf98d80"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-06T14:24:53.960000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-08T23:59:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: grub allow access to encrypted device through cli once root device is unlocked via tpm",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available that meets Red Hat Product Security\u2019s standards for usability, deployment, applicability, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-306: Missing Authentication for Critical Function"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4382",
    "datePublished": "2025-05-09T11:59:33.176Z",
    "dateReserved": "2025-05-06T13:23:57.941Z",
    "dateUpdated": "2025-07-29T17:44:28.715Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8556 (GCVE-0-2025-8556)
Vulnerability from cvelistv5
Published
2025-08-06 08:48
Modified
2025-08-06 20:24
CWE
  • CWE-347 - Improper Verification of Cryptographic Signature
Summary
A flaw was found in CIRCL's implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange.
Impacted products
Vendor Product Version
Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
Create a notification for this product.
   Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
Create a notification for this product.
   Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
Create a notification for this product.
   Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
Create a notification for this product.
   Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
Create a notification for this product.
   Red Hat Builds for Red Hat OpenShift     cpe:/a:redhat:openshift_builds:1
Create a notification for this product.
   Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Create a notification for this product.
   Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Create a notification for this product.
   Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Create a notification for this product.
   Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Create a notification for this product.
   Red Hat Custom Metric Autoscaler operator for Red Hat Openshift     cpe:/a:redhat:openshift_custom_metrics_autoscaler:2
Create a notification for this product.
   Red Hat Multicluster Global Hub     cpe:/a:redhat:multicluster_globalhub
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Pipelines     cpe:/a:redhat:openshift_pipelines:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Serverless     cpe:/a:redhat:serverless:1
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat OpenShift Service Mesh 3     cpe:/a:redhat:service_mesh:3
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Management for Kubernetes 2     cpe:/a:redhat:acm:2
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Advanced Cluster Security 4     cpe:/a:redhat:advanced_cluster_security:4
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 8     cpe:/a:redhat:ceph_storage:8
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 8     cpe:/a:redhat:ceph_storage:8
Create a notification for this product.
   Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
Create a notification for this product.
   Red Hat Red Hat Developer Hub     cpe:/a:redhat:rhdh:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux AI (RHEL AI)     cpe:/a:redhat:enterprise_linux_ai:1
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift AI (RHOAI)     cpe:/a:redhat:openshift_ai
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
Create a notification for this product.
   Red Hat Red Hat OpenShift Dev Workspaces Operator     cpe:/a:redhat:devworkspace
Create a notification for this product.
   Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
Create a notification for this product.
   Red Hat Red Hat OpenShift for Windows Containers     cpe:/a:redhat:windows_machine_config
Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
Create a notification for this product.
   Red Hat Red Hat OpenShift GitOps     cpe:/a:redhat:openshift_gitops:1
Create a notification for this product.
   Red Hat Red Hat OpenShift Virtualization 4     cpe:/a:redhat:container_native_virtualization:4
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 16.2     cpe:/a:redhat:openstack:16.2
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat OpenStack Platform 17.1     cpe:/a:redhat:openstack:17.1
Create a notification for this product.
   Red Hat Red Hat Trusted Application Pipeline     cpe:/a:redhat:trusted_application_pipeline:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Artifact Signer     cpe:/a:redhat:trusted_artifact_signer:1
Create a notification for this product.
   Red Hat Red Hat Trusted Profile Analyzer     cpe:/a:redhat:trusted_profile_analyzer:1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8556",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-06T20:24:48.827225Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-08-06T20:24:59.905Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-controller-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-git-cloner-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-image-bundler-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-image-processing-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-waiters-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_builds:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-builds/openshift-builds-webhook-rhel9",
          "product": "Builds for Red Hat OpenShift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-adapter-rhel9",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-admission-webhooks-rhel9",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-operator-bundle",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_custom_metrics_autoscaler:2"
          ],
          "defaultStatus": "affected",
          "packageName": "custom-metrics-autoscaler/custom-metrics-autoscaler-rhel9-operator",
          "product": "Custom Metric Autoscaler operator for Red Hat Openshift",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:multicluster_globalhub"
          ],
          "defaultStatus": "affected",
          "packageName": "multicluster-globalhub/multicluster-globalhub-grafana-rhel9",
          "product": "Multicluster Global Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-chains-controller-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-chains-controller-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-cli-tkn-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-cli-tkn-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-controller-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-controller-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-entrypoint-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-entrypoint-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-events-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-events-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-nop-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-nop-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-bundle",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-proxy-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-proxy-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-webhook-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-operator-webhook-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-resolvers-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-resolvers-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-rhel8-operator",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-rhel9-operator",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-sidecarlogresults-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-sidecarlogresults-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-webhook-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-webhook-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-workingdirinit-rhel8",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_pipelines:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-pipelines/pipelines-workingdirinit-rhel9",
          "product": "OpenShift Pipelines",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-client-cli-artifacts-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-client-kn-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-plugin-event-sender-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:serverless:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-serverless-1/kn-plugin-func-func-util-rhel8",
          "product": "OpenShift Serverless",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh-dev-preview-beta/istio-ztunnel-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-cni-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-must-gather-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-pilot-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-proxyv2-rhel9",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-rhel9-operator",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:service_mesh:3"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-service-mesh/istio-sail-operator-bundle",
          "product": "OpenShift Service Mesh 3",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "flightctl",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-api-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-periodic-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-flightctl-worker-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/acm-grafana-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/multicluster-operators-subscription-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/subctl-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:acm:2"
          ],
          "defaultStatus": "affected",
          "packageName": "rhacm2/volsync-rhel9",
          "product": "Red Hat Advanced Cluster Management for Kubernetes 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-central-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-main-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-rhel8-operator",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-roxctl-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-db-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-slim-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-db-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:advanced_cluster_security:4"
          ],
          "defaultStatus": "affected",
          "packageName": "advanced-cluster-security/rhacs-scanner-v4-rhel8",
          "product": "Red Hat Advanced Cluster Security 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "affected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "affected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhceph/grafana-rhel9",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Ceph Storage 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhdh:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhdh-orchestrator-dev-preview-beta/controller-rhel9-operator",
          "product": "Red Hat Developer Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhdh:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhdh-orchestrator-dev-preview-beta/orchestrator-operator-bundle",
          "product": "Red Hat Developer Hub",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhel10/grafana",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhel9/grafana",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-amd-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-aws-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-azure-amd-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-azure-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-gcp-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/bootc-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/instructlab-amd-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhelai1/instructlab-nvidia-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/pathservice-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux_ai:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhelai1/ui-rhel9",
          "product": "Red Hat Enterprise Linux AI (RHEL AI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-data-science-pipelines-argo-argoexec-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_ai"
          ],
          "defaultStatus": "affected",
          "packageName": "rhoai/odh-data-science-pipelines-argo-workflowcontroller-rhel8",
          "product": "Red Hat OpenShift AI (RHOAI)",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/o-cloud-manager-operator-bundle",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/o-cloud-manager-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-aws-cluster-api-controllers-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-aws-cluster-api-controllers-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-api-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-kube-cluster-api-rhel8-operator",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-cluster-kube-cluster-api-rhel9-operator",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-console",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-console-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-rukpak-rhel8",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-olm-rukpak-rhel9",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devworkspace"
          ],
          "defaultStatus": "affected",
          "packageName": "devworkspace/devworkspace-operator-bundle",
          "product": "Red Hat OpenShift Dev Workspaces Operator",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devworkspace"
          ],
          "defaultStatus": "affected",
          "packageName": "devworkspace/devworkspace-project-clone-rhel9",
          "product": "Red Hat OpenShift Dev Workspaces Operator",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:devworkspace"
          ],
          "defaultStatus": "affected",
          "packageName": "devworkspace/devworkspace-rhel9-operator",
          "product": "Red Hat OpenShift Dev Workspaces Operator",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:windows_machine_config"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4-wincw/windows-machine-config-operator-bundle",
          "product": "Red Hat OpenShift for Windows Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:windows_machine_config"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4-wincw/windows-machine-config-rhel9-operator",
          "product": "Red Hat OpenShift for Windows Containers",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel8",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argocd-rhel9",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/argo-rollouts-rhel8",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift_gitops:1"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift-gitops-1/gitops-rhel8",
          "product": "Red Hat OpenShift GitOps",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:container_native_virtualization:4"
          ],
          "defaultStatus": "affected",
          "packageName": "container-native-virtualization/cluster-network-addons-operator-rhel9",
          "product": "Red Hat OpenShift Virtualization 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-agent",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-downloader",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:16.2"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-operator",
          "product": "Red Hat OpenStack Platform 16.2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-agent",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-downloader",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openstack:17.1"
          ],
          "defaultStatus": "unknown",
          "packageName": "rhosp-rhel9/osp-director-operator",
          "product": "Red Hat OpenStack Platform 17.1",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_application_pipeline:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtap-task-runner/rhtap-task-runner-rhel9",
          "product": "Red Hat Trusted Application Pipeline",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/client-server-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/cosign-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/createctconfig-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/ctlog-managectroots-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/fulcio-createcerts-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/gitsign-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/trillian-createdb-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_artifact_signer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtas/tuf-server-rhel9",
          "product": "Red Hat Trusted Artifact Signer",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:trusted_profile_analyzer:1"
          ],
          "defaultStatus": "affected",
          "packageName": "rhtpa/rhtpa-guac-rhel9",
          "product": "Red Hat Trusted Profile Analyzer",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-10T21:18:33.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in CIRCL\u0027s implementation of the FourQ elliptic curve. This vulnerability allows an attacker to compromise session security via low-order point injection and incorrect point validation during Diffie-Hellman key exchange."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-347",
              "description": "Improper Verification of Cryptographic Signature",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-06T09:09:23.503Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-8556"
        },
        {
          "name": "RHBZ#2371624",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2371624"
        },
        {
          "url": "https://github.com/cloudflare/circl"
        },
        {
          "url": "https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm"
        },
        {
          "url": "https://github.com/cloudflare/circl/tree/v1.6.1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-11T00:00:46.556585+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-10T21:18:33+00:00",
          "value": "Made public."
        }
      ],
      "title": "Github.com/cloudflare/circl: circl-fourq: missing and wrong validation can lead to incorrect results",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "(CWE-20|CWE-347): Improper Input Validation or Improper Verification of Cryptographic Signature"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-8556",
    "datePublished": "2025-08-06T08:48:17.946Z",
    "dateReserved": "2025-08-04T14:05:14.993Z",
    "dateUpdated": "2025-08-06T20:24:59.905Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52337 (GCVE-0-2024-52337)
Vulnerability from cvelistv5
Published
2024-11-26 15:21
Modified
2025-08-04 04:06
CWE
  • CWE-20 - Improper Input Validation
Summary
A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned's D-Bus interface for such operations.
References
Impacted products
Vendor Product Version
Version: 2.23.0   
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 7 Unaffected: 0:2.11.0-5.el7fdp.2   < *
    cpe:/o:redhat:enterprise_linux:7::fastdatapath
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:2.24.0-2.1.20240819gitc082797f.el8fdp   < *
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
Create a notification for this product.
   Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:2.24.0-2.1.20240819gitc082797f.el9fdp   < *
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.11.0-13.el7_9   < *
    cpe:/a:redhat:rhel_extras_sap_els:7
    cpe:/o:redhat:rhel_els:7
    cpe:/a:redhat:rhel_extras_sap_hana_els:7
    cpe:/a:redhat:rhel_extras_rt_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.11.0-13.el7_9   < *
    cpe:/a:redhat:rhel_extras_sap_els:7
    cpe:/o:redhat:rhel_els:7
    cpe:/a:redhat:rhel_extras_sap_hana_els:7
    cpe:/a:redhat:rhel_extras_rt_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.22.1-5.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::sap_hana
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::sap
    cpe:/a:redhat:enterprise_linux:8::nfv
    cpe:/a:redhat:enterprise_linux:8::realtime
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.22.1-5.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::sap_hana
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::sap
    cpe:/a:redhat:enterprise_linux:8::nfv
    cpe:/a:redhat:enterprise_linux:8::realtime
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.20.0-1.el8_4.2   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/a:redhat:rhel_e4s:8.4::sap
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::nfv
    cpe:/a:redhat:rhel_tus:8.4::realtime
    cpe:/a:redhat:rhel_e4s:8.4::sap_hana
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:2.20.0-1.el8_4.2   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/a:redhat:rhel_e4s:8.4::sap
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::nfv
    cpe:/a:redhat:rhel_tus:8.4::realtime
    cpe:/a:redhat:rhel_e4s:8.4::sap_hana
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:2.20.0-1.el8_4.2   < *
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/a:redhat:rhel_e4s:8.4::sap
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::nfv
    cpe:/a:redhat:rhel_tus:8.4::realtime
    cpe:/a:redhat:rhel_e4s:8.4::sap_hana
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.20.0-1.el8_6.2   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::sap_hana
    cpe:/a:redhat:rhel_tus:8.6::nfv
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::realtime
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::nfv
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::sap
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.20.0-1.el8_6.2   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::sap_hana
    cpe:/a:redhat:rhel_tus:8.6::nfv
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::realtime
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::nfv
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::sap
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.20.0-1.el8_6.2   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::sap_hana
    cpe:/a:redhat:rhel_tus:8.6::nfv
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::realtime
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::nfv
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::sap
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.20.0-2.el8_8.1   < *
    cpe:/a:redhat:rhel_eus:8.8::sap
    cpe:/a:redhat:rhel_eus:8.8::nfv
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/a:redhat:rhel_eus:8.8::realtime
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::sap_hana
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.24.0-2.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::realtime
    cpe:/a:redhat:enterprise_linux:9::sap
    cpe:/a:redhat:enterprise_linux:9::sap_hana
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::nfv
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.24.0-2.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::realtime
    cpe:/a:redhat:enterprise_linux:9::sap
    cpe:/a:redhat:enterprise_linux:9::sap_hana
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::nfv
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.20.0-3.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::realtime
    cpe:/a:redhat:rhel_eus:9.2::sap
    cpe:/a:redhat:rhel_eus:9.2::sap_hana
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
    cpe:/a:redhat:rhel_eus:9.2::nfv
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.22.1-3.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::sap_hana
    cpe:/a:redhat:rhel_eus:9.4::sap
    cpe:/o:redhat:rhel_eus:9.4::baseos
    cpe:/a:redhat:rhel_eus:9.4::realtime
    cpe:/a:redhat:rhel_eus:9.4::nfv
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52337",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-26T15:57:55.472014Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-26T15:58:21.678Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-11-29T04:33:54.110Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.openwall.com/lists/oss-security/2024/11/28/2"
          },
          {
            "url": "https://security.opensuse.org/2024/11/26/tuned-instance-create.html"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/redhat-performance/tuned",
          "defaultStatus": "unaffected",
          "packageName": "tuned",
          "versions": [
            {
              "lessThan": "2.24.1",
              "status": "affected",
              "version": "2.23.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Fast Datapath for Red Hat Enterprise Linux 7",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.11.0-5.el7fdp.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Fast Datapath for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.1.20240819gitc082797f.el8fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Fast Datapath for Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.1.20240819gitc082797f.el9fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_extras_sap_els:7",
            "cpe:/o:redhat:rhel_els:7",
            "cpe:/a:redhat:rhel_extras_sap_hana_els:7",
            "cpe:/a:redhat:rhel_extras_rt_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.11.0-13.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_extras_sap_els:7",
            "cpe:/o:redhat:rhel_els:7",
            "cpe:/a:redhat:rhel_extras_sap_hana_els:7",
            "cpe:/a:redhat:rhel_extras_rt_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.11.0-13.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::sap_hana",
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::sap",
            "cpe:/a:redhat:enterprise_linux:8::nfv",
            "cpe:/a:redhat:enterprise_linux:8::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.1-5.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::sap_hana",
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::sap",
            "cpe:/a:redhat:enterprise_linux:8::nfv",
            "cpe:/a:redhat:enterprise_linux:8::realtime"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.1-5.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/a:redhat:rhel_e4s:8.4::sap",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::nfv",
            "cpe:/a:redhat:rhel_tus:8.4::realtime",
            "cpe:/a:redhat:rhel_e4s:8.4::sap_hana"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-1.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/a:redhat:rhel_e4s:8.4::sap",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::nfv",
            "cpe:/a:redhat:rhel_tus:8.4::realtime",
            "cpe:/a:redhat:rhel_e4s:8.4::sap_hana"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-1.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/a:redhat:rhel_e4s:8.4::sap",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::nfv",
            "cpe:/a:redhat:rhel_tus:8.4::realtime",
            "cpe:/a:redhat:rhel_e4s:8.4::sap_hana"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-1.el8_4.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
            "cpe:/a:redhat:rhel_tus:8.6::nfv",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::realtime",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::nfv",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::sap"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-1.el8_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
            "cpe:/a:redhat:rhel_tus:8.6::nfv",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::realtime",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::nfv",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::sap"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-1.el8_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::sap_hana",
            "cpe:/a:redhat:rhel_tus:8.6::nfv",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::realtime",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::nfv",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::sap"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-1.el8_6.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::sap",
            "cpe:/a:redhat:rhel_eus:8.8::nfv",
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus:8.8::realtime",
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::sap_hana"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-2.el8_8.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::sap",
            "cpe:/a:redhat:enterprise_linux:9::sap_hana",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::realtime",
            "cpe:/a:redhat:enterprise_linux:9::sap",
            "cpe:/a:redhat:enterprise_linux:9::sap_hana",
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::nfv",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.24.0-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::realtime",
            "cpe:/a:redhat:rhel_eus:9.2::sap",
            "cpe:/a:redhat:rhel_eus:9.2::sap_hana",
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/a:redhat:rhel_eus:9.2::nfv"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.20.0-3.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::sap_hana",
            "cpe:/a:redhat:rhel_eus:9.4::sap",
            "cpe:/o:redhat:rhel_eus:9.4::baseos",
            "cpe:/a:redhat:rhel_eus:9.4::realtime",
            "cpe:/a:redhat:rhel_eus:9.4::nfv",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.22.1-3.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "tuned",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matthias Gerstner (SUSE Security Team) for reporting this issue."
        }
      ],
      "datePublic": "2024-11-26T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the \u0027evil\u0027 the attacker could mimic a valid TuneD log line and trick the administrator. The quotes \u0027\u0027 are usually used in TuneD logs citing raw user input, so there will always be the \u0027 character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned\u0027s D-Bus interface for such operations."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-04T04:06:31.576Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10381"
        },
        {
          "name": "RHSA-2024:10384",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:10384"
        },
        {
          "name": "RHSA-2024:11161",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:11161"
        },
        {
          "name": "RHSA-2025:0195",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0195"
        },
        {
          "name": "RHSA-2025:0327",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0327"
        },
        {
          "name": "RHSA-2025:0368",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0368"
        },
        {
          "name": "RHSA-2025:0879",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0879"
        },
        {
          "name": "RHSA-2025:0880",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0880"
        },
        {
          "name": "RHSA-2025:0881",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0881"
        },
        {
          "name": "RHSA-2025:1785",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1785"
        },
        {
          "name": "RHSA-2025:1802",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:1802"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-52337"
        },
        {
          "name": "RHBZ#2324541",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2324541"
        },
        {
          "url": "https://security.opensuse.org/2024/11/26/tuned-instance-create.html"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/11/28/1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-08T12:56:07.615000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-11-26T12:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Tuned: improper sanitization of `instance_name` parameter of the `instance_create()` method",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-52337",
    "datePublished": "2024-11-26T15:21:17.538Z",
    "dateReserved": "2024-11-08T13:09:39.005Z",
    "dateUpdated": "2025-08-04T04:06:31.576Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49177 (GCVE-0-2025-49177)
Vulnerability from cvelistv5
Published
2025-06-17 14:49
Modified
2025-08-01 18:23
CWE
  • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.
References
https://access.redhat.com/errata/RHSA-2025:10258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9304 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49177 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369955 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:22.1.9-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49177",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:57:08.270521Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:57:19.357Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-01T18:23:05.207Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49177"
        },
        {
          "name": "RHBZ#2369955",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369955"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T07:25:46.732000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: data leak in xfixes extension\u0027s xfixessetclientdisconnectmode",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49177",
    "datePublished": "2025-06-17T14:49:49.199Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-08-01T18:23:05.207Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6199 (GCVE-0-2025-6199)
Vulnerability from cvelistv5
Published
2025-06-17 14:30
Modified
2025-07-31 15:57
CWE
  • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
A flaw was found in the GIF parser of GdkPixbuf’s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image.
References
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6199",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:43:00.906047Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:43:23.322Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glycin-loaders",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "loupe",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "snapshot",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gdk-pixbuf2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the GIF parser of GdkPixbuf\u2019s LZW decoder. When an invalid symbol is encountered during decompression, the decoder sets the reported output size to the full buffer length rather than the actual number of written bytes. This logic error results in uninitialized sections of the buffer being included in the output, potentially leaking arbitrary memory contents in the processed image."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 3.3,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-200",
              "description": "Exposure of Sensitive Information to an Unauthorized Actor",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-31T15:57:49.309Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6199"
        },
        {
          "name": "RHBZ#2373147",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2373147"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-17T11:53:43.788000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gdk-pixbuf: uninitialized memory disclosure in gdkpixbuf gif lzw decoder",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6199",
    "datePublished": "2025-06-17T14:30:42.665Z",
    "dateReserved": "2025-06-17T11:58:17.009Z",
    "dateUpdated": "2025-07-31T15:57:49.309Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-8283 (GCVE-0-2025-8283)
Vulnerability from cvelistv5
Published
2025-07-28 18:16
Modified
2025-08-11 19:16
CWE
  • CWE-15 - External Control of System or Configuration Setting
Summary
A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman's search domain is not added anymore the container is using the host's resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-8283",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-28T18:28:59.475895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-28T18:29:12.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "netavark",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/containers-common",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8/netavark",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "netavark",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Johannes Kasberger for reporting this issue."
        }
      ],
      "datePublic": "2025-07-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in the netavark package, a network stack for containers used with Podman. Due to dns.podman search domain being removed, netavark may return external servers if a valid A/AAAA record is sent as a response. When creating a container with a given name, this name will be used as the hostname for the container itself, as the podman\u0027s search domain is not added anymore the container is using the host\u0027s resolv.conf, and the DNS resolver will try to look into the search domains contained on it. If one of the domains contain a name with the same hostname as the running container, the connection will forward to unexpected external servers."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-15",
              "description": "External Control of System or Configuration Setting",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-11T19:16:45.192Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-8283"
        },
        {
          "name": "RHBZ#2383941",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2383941"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-07-28T14:15:36.417000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-07-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Netavark: podman: netavark may resolve hostnames to unexpected hosts",
      "workarounds": [
        {
          "lang": "en",
          "value": "As a proactive mitigation, configure containers to have hostnames formatted as \u003cname\u003e.dns.podman. This specific naming convention will prevent aardvark-dns from forwarding these queries to external search domains, thereby reducing potential exposure or unexpected network behavior associated with such queries."
        }
      ],
      "x_redhatCweChain": "CWE-15: External Control of System or Configuration Setting"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-8283",
    "datePublished": "2025-07-28T18:16:07.853Z",
    "dateReserved": "2025-07-28T14:16:27.236Z",
    "dateUpdated": "2025-08-11T19:16:45.192Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32912 (GCVE-0-2025-32912)
Vulnerability from cvelistv5
Published
2025-04-14 14:44
Modified
2025-07-29 07:23
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash.
References
https://access.redhat.com/errata/RHSA-2025:7505 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32912 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359356 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32912",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T15:32:52.794484Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T15:33:09.304Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup, where SoupAuthDigest is vulnerable to a NULL pointer dereference. The HTTP server may cause the libsoup client to crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:23:14.074Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7505"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32912"
        },
        {
          "name": "RHBZ#2359356",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359356"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:21:00.709000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: null pointer dereference in client when server  omits the \"nonce\" parameter in an unauthorized response with digest  authentication",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32912",
    "datePublished": "2025-04-14T14:44:46.593Z",
    "dateReserved": "2025-04-14T01:59:13.827Z",
    "dateUpdated": "2025-07-29T07:23:14.074Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-56827 (GCVE-0-2024-56827)
Vulnerability from cvelistv5
Published
2025-01-09 03:40
Modified
2025-08-03 08:52
CWE
  • CWE-122 - Heap-based Buffer Overflow
Summary
A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior.
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.4.0-8.el9   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-56827",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-09T15:38:58.334350Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-09T15:40:19.795Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/uclouvain/openjpeg",
          "defaultStatus": "unknown",
          "packageName": "openjpeg",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2.5.3",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.4.0-8.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "gimp:flatpak/openjpeg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unknown",
          "packageName": "openjpeg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Frank Zeng (Huazhong University of Science and Technology) for reporting this issue."
        }
      ],
      "datePublic": "2024-12-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility.  This can lead to an application crash or other undefined behavior."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-122",
              "description": "Heap-based Buffer Overflow",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:52:40.282Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:7309",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7309"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-56827"
        },
        {
          "name": "RHBZ#2335174",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2335174"
        },
        {
          "url": "https://github.com/uclouvain/openjpeg/commit/e492644fbded4c820ca55b5e50e598d346e850e8"
        },
        {
          "url": "https://github.com/uclouvain/openjpeg/issues/1564"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-01-01T16:53:20.098000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-12-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openjpeg: heap buffer overflow in lib/openjp2/j2k.c",
      "x_redhatCweChain": "CWE-122: Heap-based Buffer Overflow"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-56827",
    "datePublished": "2025-01-09T03:40:30.512Z",
    "dateReserved": "2025-01-01T17:07:45.899Z",
    "dateUpdated": "2025-08-03T08:52:40.282Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-4478 (GCVE-0-2025-4478)
Vulnerability from cvelistv5
Published
2025-05-16 14:22
Modified
2025-07-29 18:34
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in the FreeRDP used by Anaconda's remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system.
References
Impacted products
Vendor Product Version
Version: 3.0.0-beta1   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 2:3.10.3-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-4478",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-16T14:46:22.256427Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-16T14:46:33.506Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.freerdp.com/",
          "defaultStatus": "unaffected",
          "packageName": "freerdp",
          "versions": [
            {
              "lessThan": "3.16.0",
              "status": "affected",
              "version": "3.0.0-beta1",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "freerdp",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:3.10.3-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "freerdp",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "freerdp",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-13T05:14:44.346Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the FreeRDP used by Anaconda\u0027s remote install feature, where a crafted RDP packet could trigger a segmentation fault. This issue causes the service to crash and remain defunct, resulting in a denial of service. It occurs pre-boot and is likely due to a NULL pointer dereference. Rebooting is required to recover the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T18:34:18.105Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:9307",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9307"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-4478"
        },
        {
          "name": "RHBZ#2365232",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2365232"
        },
        {
          "url": "https://github.com/FreeRDP/FreeRDP/pull/11573"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-05-09T05:55:04.784000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-13T05:14:44.346000+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gnome-remote-desktop: freerdp: unauthenticated rdp packet causes segfault in freerdp leading to denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-4478",
    "datePublished": "2025-05-16T14:22:17.265Z",
    "dateReserved": "2025-05-09T06:11:27.591Z",
    "dateUpdated": "2025-07-29T18:34:18.105Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6387 (GCVE-0-2024-6387)
Vulnerability from cvelistv5
Published
2024-07-01 12:37
Modified
2025-07-24 13:11
CWE
  • CWE-364 - Signal Handler Race Condition
Summary
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.
Impacted products
Vendor Product Version
Version: 8.5p1   <
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:8.7p1-38.el9_4.1   < *
    cpe:/o:redhat:enterprise_linux:9::baseos
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:8.7p1-12.el9_0.1   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
    cpe:/o:redhat:rhel_e4s:9.0::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:8.7p1-30.el9_2.4   < *
    cpe:/o:redhat:rhel_eus:9.2::baseos
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 413.92.202407091321-0   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 414.92.202407091253-0   < *
    cpe:/a:redhat:openshift:4.14::el9
    cpe:/a:redhat:openshift:4.14::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 415.92.202407091355-0   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 416.94.202407081958-0   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 5     cpe:/a:redhat:ceph_storage:5
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 6     cpe:/a:redhat:ceph_storage:6
Create a notification for this product.
   Red Hat Red Hat Ceph Storage 7     cpe:/a:redhat:ceph_storage:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6387",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-02T13:18:34.695298Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-02T13:18:46.662Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-24T18:35:27.934Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://www.vicarius.io/vsociety/posts/regresshion-an-openssh-regression-error-cve-2024-6387"
          },
          {
            "url": "https://www.exploit-db.com/exploits/52269"
          },
          {
            "url": "https://packetstorm.news/files/id/190587/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/12"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/01/13"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/02/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/11"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/03/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/04/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/08/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/09/5"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/10/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/11/3"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/4"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/23/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/2"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/07/28/3"
          },
          {
            "name": "RHSA-2024:4312",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4312"
          },
          {
            "name": "RHSA-2024:4340",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4340"
          },
          {
            "name": "RHSA-2024:4389",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4389"
          },
          {
            "name": "RHSA-2024:4469",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4469"
          },
          {
            "name": "RHSA-2024:4474",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4474"
          },
          {
            "name": "RHSA-2024:4479",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4479"
          },
          {
            "name": "RHSA-2024:4484",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:4484"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://archlinux.org/news/the-sshd-service-needs-to-be-restarted-after-upgrading-to-openssh-98p1/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://arstechnica.com/security/2024/07/regresshion-vulnerability-in-openssh-gives-attackers-root-on-linux/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://blog.qualys.com/vulnerabilities-threat-research/2024/07/01/regresshion-remote-unauthenticated-code-execution-vulnerability-in-openssh-server"
          },
          {
            "name": "RHBZ#2294604",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://explore.alas.aws.amazon.com/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://forum.vmssoftware.com/viewtopic.php?f=8\u0026t=9132"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2024-002.txt.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/AlmaLinux/updates/issues/629"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/Azure/AKS/issues/4379"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/discussions/2248"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/PowerShell/Win32-OpenSSH/issues/2249"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/microsoft/azurelinux/issues/9555"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/openela-main/openssh/commit/e1f438970e5a337a17070a637c1b9e19697cad09"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/oracle/oracle-linux/issues/149"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/rapier1/hpn-ssh/issues/87"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/zgzhang/cve-2024-6387-poc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.almalinux.org/archives/list/announce@lists.almalinux.org/thread/23BF5BMGFVEVUI2WNVAGMLKT557EU7VY/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-announce/2024-July/000158.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.mindrot.org/pipermail/openssh-unix-dev/2024-July/041431.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=40843778"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2024-0010"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240701-0001/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://sig-security.rocky.page/issues/CVE-2024-6387/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://stackdiary.com/openssh-race-condition-in-sshd-allows-remote-code-execution/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/CVE-2024-6387"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://ubuntu.com/security/notices/USN-6859-1"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.akamai.com/blog/security-research/2024-openssh-vulnerability-regression-what-to-know-and-do"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.arista.com/en/support/advisories-notices/security-advisory/19904-security-advisory-0100"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-24:04.openssh.asc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openssh.com/txt/release-9.8"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.splunk.com/en_us/blog/security/cve-2024-6387-regresshion-vulnerability.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.suse.com/security/cve/CVE-2024-6387.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.theregister.com/2024/07/01/regresshion_openssh/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214119"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214118"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://support.apple.com/kb/HT214120"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/20"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/18"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2024/Jul/19"
          }
        ],
        "title": "CVE Program Container",
        "x_generator": {
          "engine": "ADPogram 0.0.1"
        }
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.openssh.com/",
          "defaultStatus": "unaffected",
          "packageName": "OpenSSH",
          "repo": "https://anongit.mindrot.org/openssh.git",
          "versions": [
            {
              "lessThanOrEqual": "9.7p1",
              "status": "affected",
              "version": "8.5p1",
              "versionType": "custom"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-38.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream",
            "cpe:/o:redhat:rhel_e4s:9.0::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-12.el9_0.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:9.2::baseos",
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.7p1-30.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "413.92.202407091321-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el9",
            "cpe:/a:redhat:openshift:4.14::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "414.92.202407091253-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "415.92.202407091355-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "416.94.202407081958-0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:5"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 5",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:6"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ceph_storage:7"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Ceph Storage 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Qualys Threat Research Unit (TRU) (Qualys) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-01T08:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A security regression (CVE-2006-5051) was discovered in OpenSSH\u0027s server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-364",
              "description": "Signal Handler Race Condition",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-24T13:11:10.801Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:4312",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4312"
        },
        {
          "name": "RHSA-2024:4340",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4340"
        },
        {
          "name": "RHSA-2024:4389",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4389"
        },
        {
          "name": "RHSA-2024:4469",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4469"
        },
        {
          "name": "RHSA-2024:4474",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4474"
        },
        {
          "name": "RHSA-2024:4479",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4479"
        },
        {
          "name": "RHSA-2024:4484",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:4484"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6387"
        },
        {
          "name": "RHBZ#2294604",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2294604"
        },
        {
          "url": "https://santandersecurityresearch.github.io/blog/sshing_the_masses.html"
        },
        {
          "url": "https://www.openssh.com/txt/release-9.8"
        },
        {
          "url": "https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-27T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-01T08:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Openssh: regresshion - race condition in ssh allows rce/dos",
      "workarounds": [
        {
          "lang": "en",
          "value": "The below process can protect against a Remote Code Execution attack by disabling the LoginGraceTime parameter on Red Hat Enterprise Linux 9. However, the sshd server is still vulnerable to a Denial of Service if an attacker exhausts all the connections.\n\n1) As root user, open the /etc/ssh/sshd_config\n2) Add or edit the parameter configuration:\n~~~\nLoginGraceTime 0\n~~~\n3) Save and close the file\n4) Restart the sshd daemon:\n~~~\nsystemctl restart sshd.service\n~~~\n\nSetting LoginGraceTime to 0 disables the SSHD server\u0027s ability to drop connections if authentication is not completed within the specified timeout. If this mitigation is implemented, it is highly recommended to use a tool like \u0027fail2ban\u0027 alongside a firewall to monitor log files and manage connections appropriately.\n\nIf any of the mitigations mentioned above is used, please note that the removal of LoginGraceTime parameter from sshd_config is not automatic when the updated package is installed."
        }
      ],
      "x_redhatCweChain": "CWE-364: Signal Handler Race Condition"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6387",
    "datePublished": "2024-07-01T12:37:25.431Z",
    "dateReserved": "2024-06-27T13:41:03.421Z",
    "dateUpdated": "2025-07-24T13:11:10.801Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-9675 (GCVE-0-2024-9675)
Vulnerability from cvelistv5
Published
2024-10-09 14:32
Modified
2025-07-23 18:13
CWE
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
References
https://access.redhat.com/errata/RHSA-2024:8563 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8675 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8679 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8686 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8690 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8700 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8703 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8707 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8708 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8709 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8846 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8984 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:8994 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9051 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:9459 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2445 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2449 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2454 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2701 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:2710 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3301 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3573 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-9675 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2317458 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 8100020241023085649.afee755d   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 8060020241028154646.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 8060020241028154646.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 8060020241028154646.3b538bd8   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 8080020241025064551.0f77c1b7   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.33.10-1.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:4.9.4-16.el9_4   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 4:5.2.2-9.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:1.37.5-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 1:1.26.8-2.el9_0   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Extended Update Support Unaffected: 2:4.2.0-5.el9_0.2   < *
    cpe:/a:redhat:rhel_eus:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 1:1.29.4-1.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:4.4.1-21.el9_2   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.12 Unaffected: v4.12.0-202503181728.p0.ge355452.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.12::el9
    cpe:/a:redhat:openshift:4.12::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: 3:4.4.1-16.rhaos4.13.el9   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.13 Unaffected: v4.13.0-202503111300.p0.gb379980.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.13::el8
    cpe:/a:redhat:openshift:4.13::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: 3:4.4.1-21.rhaos4.14.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.14 Unaffected: v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.14::el8
    cpe:/a:redhat:openshift:4.14::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: 3:4.4.1-32.rhaos4.15.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.15 Unaffected: v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8   < *
    cpe:/a:redhat:openshift:4.15::el9
    cpe:/a:redhat:openshift:4.15::el8
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: 4:4.9.4-12.rhaos4.16.el8   < *
    cpe:/a:redhat:openshift:4.16::el8
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.16 Unaffected: v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.16::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: 5:5.2.2-1.rhaos4.17.el9   < *
    cpe:/a:redhat:openshift:4.17::el8
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.17 Unaffected: v4.17.0-202503041005.p0.gc3b0999.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.17::el9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4.18 Unaffected: v4.18.0-202503040802.p0.g6a5ec2a.assembly.stream.el9   < *
    cpe:/a:redhat:openshift:4.18::el9
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat OpenShift Developer Tools and Services     cpe:/a:redhat:ocp_tools
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
   Red Hat Red Hat Quay 3     cpe:/a:redhat:quay:3
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-9675",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-10-09T16:16:25.550764Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-10-09T16:24:34.705Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/buildah",
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "versions": [
            {
              "lessThan": "1.38.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020241023085649.afee755d",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020241028154646.3b538bd8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020241028154646.3b538bd8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8060020241028154646.3b538bd8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "container-tools:rhel8",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8080020241025064551.0f77c1b7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.33.10-1.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-16.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:5.2.2-9.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:1.37.5-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.26.8-2.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.0 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:4.2.0-5.el9_0.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.29.4-1.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:4.4.1-21.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.12::el9",
            "cpe:/a:redhat:openshift:4.12::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.12",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.12.0-202503181728.p0.ge355452.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-16.rhaos4.13.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.13::el8",
            "cpe:/a:redhat:openshift:4.13::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.13",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.13.0-202503111300.p0.gb379980.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-21.rhaos4.14.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.14::el8",
            "cpe:/a:redhat:openshift:4.14::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.14",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.14.0-202503060906.p0.gb03f3f5.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "3:4.4.1-32.rhaos4.15.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.15::el9",
            "cpe:/a:redhat:openshift:4.15::el8"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder",
          "product": "Red Hat OpenShift Container Platform 4.15",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.15.0-202503060734.p0.gbc0b789.assembly.stream.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el8",
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "4:4.9.4-12.rhaos4.16.el8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.16::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.16",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.16.0-202503121138.p0.g31c3c26.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el8",
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "5:5.2.2-1.rhaos4.17.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.17::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.17",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.17.0-202503041005.p0.gc3b0999.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://catalog.redhat.com/software/containers/",
          "cpes": [
            "cpe:/a:redhat:openshift:4.18::el9"
          ],
          "defaultStatus": "affected",
          "packageName": "openshift4/ose-docker-builder-rhel9",
          "product": "Red Hat OpenShift Container Platform 4.18",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "v4.18.0-202503040802.p0.g6a5ec2a.assembly.stream.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-agent-base-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ocp_tools"
          ],
          "defaultStatus": "affected",
          "packageName": "ocp-tools-4/jenkins-rhel8",
          "product": "OpenShift Developer Tools and Services",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "skopeo",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "conmon",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "buildah",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "conmon",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "cri-o",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:quay:3"
          ],
          "defaultStatus": "affected",
          "packageName": "quay/quay-builder-rhel8",
          "product": "Red Hat Quay 3",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Erik Sj\u00f6lund (Upstream) for reporting this issue."
        }
      ],
      "datePublic": "2024-10-09T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-23T18:13:54.114Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:8563",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8563"
        },
        {
          "name": "RHSA-2024:8675",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8675"
        },
        {
          "name": "RHSA-2024:8679",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8679"
        },
        {
          "name": "RHSA-2024:8686",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8686"
        },
        {
          "name": "RHSA-2024:8690",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8690"
        },
        {
          "name": "RHSA-2024:8700",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8700"
        },
        {
          "name": "RHSA-2024:8703",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8703"
        },
        {
          "name": "RHSA-2024:8707",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8707"
        },
        {
          "name": "RHSA-2024:8708",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8708"
        },
        {
          "name": "RHSA-2024:8709",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8709"
        },
        {
          "name": "RHSA-2024:8846",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8846"
        },
        {
          "name": "RHSA-2024:8984",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8984"
        },
        {
          "name": "RHSA-2024:8994",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:8994"
        },
        {
          "name": "RHSA-2024:9051",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9051"
        },
        {
          "name": "RHSA-2024:9454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9454"
        },
        {
          "name": "RHSA-2024:9459",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9459"
        },
        {
          "name": "RHSA-2025:2445",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2445"
        },
        {
          "name": "RHSA-2025:2449",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2449"
        },
        {
          "name": "RHSA-2025:2454",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2454"
        },
        {
          "name": "RHSA-2025:2701",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2701"
        },
        {
          "name": "RHSA-2025:2710",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:2710"
        },
        {
          "name": "RHSA-2025:3301",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3301"
        },
        {
          "name": "RHSA-2025:3573",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3573"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-9675"
        },
        {
          "name": "RHBZ#2317458",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317458"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-10-09T02:45:06.343000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-10-09T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Buildah: buildah allows arbitrary directory mount",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-9675",
    "datePublished": "2024-10-09T14:32:11.922Z",
    "dateReserved": "2024-10-09T02:47:50.357Z",
    "dateUpdated": "2025-07-23T18:13:54.114Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5918 (GCVE-0-2025-5918)
Vulnerability from cvelistv5
Published
2025-06-09 19:49
Modified
2025-08-15 18:42
CWE
Summary
A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5918",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-10T13:44:05.687379Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-10T14:06:30.905Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libarchive",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-05-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-15T18:42:15.201Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5918"
        },
        {
          "name": "RHBZ#2370877",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2370877"
        },
        {
          "url": "https://github.com/libarchive/libarchive/pull/2584"
        },
        {
          "url": "https://github.com/libarchive/libarchive/releases/tag/v3.8.0"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-06T19:27:09.090000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-05-20T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libarchive: reading past eof may be triggered for piped file streams",
      "workarounds": [
        {
          "lang": "en",
          "value": "Upgrade to libarchive version 3.8.0 or later, which includes important security fixes and stability improvements."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5918",
    "datePublished": "2025-06-09T19:49:13.544Z",
    "dateReserved": "2025-06-09T08:11:22.154Z",
    "dateUpdated": "2025-08-15T18:42:15.201Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45620 (GCVE-0-2024-45620)
Vulnerability from cvelistv5
Published
2024-09-03 21:21
Modified
2025-07-29 14:18
CWE
  • CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Summary
A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed.
References
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45620",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-04T13:33:24.447725Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-04T13:33:40.390Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/OpenSC/OpenSC",
          "defaultStatus": "affected",
          "packageName": "libopensc"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "opensc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Matteo Marini (Sapienza University of Rome) for reporting this issue."
        }
      ],
      "datePublic": "2024-09-02T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in the pkcs15-init tool in OpenSC. An attacker could use a crafted USB Device or Smart Card, which would present the system with a specially crafted response to APDUs. When buffers are partially filled with data, initialized parts of the buffer can be incorrectly accessed."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "PHYSICAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.9,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-120",
              "description": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:18:38.098Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45620"
        },
        {
          "name": "RHBZ#2309289",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2309289"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-02T18:12:46.667000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-02T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libopensc: incorrect handling of the length of buffers or files in pkcs15init",
      "x_redhatCweChain": "CWE-120: Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45620",
    "datePublished": "2024-09-03T21:21:57.892Z",
    "dateReserved": "2024-09-02T18:28:35.896Z",
    "dateUpdated": "2025-07-29T14:18:38.098Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49175 (GCVE-0-2025-49175)
Vulnerability from cvelistv5
Published
2025-06-17 14:39
Modified
2025-07-15 01:04
CWE
Summary
A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.
References
https://access.redhat.com/errata/RHSA-2025:10258 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10342 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10343 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10344 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10346 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10347 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10348 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10349 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10350 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10351 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10352 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10355 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10356 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10360 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10370 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10374 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10375 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10376 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10377 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10378 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10381 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:10410 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9303 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9304 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9305 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9306 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9392 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9964 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-49175 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2369947 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:24.1.5-4.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION Unaffected: 0:1.1.0-25.el6_10.1   < *
    cpe:/o:redhat:rhel_els:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7.7 Advanced Update Support Unaffected: 0:1.8.0-17.el7_7.1   < *
    cpe:/o:redhat:rhel_aus:7.7::server
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.20.4-32.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:1.8.0-36.el7_9.2   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.20.11-26.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:21.1.3-18.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:1.15.0-7.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.9.0-15.el8_2.14   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:1.20.6-4.el8_2   < *
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.10-2.el8_4   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On Unaffected: 0:1.11.0-8.el8_4.13   < *
    cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.12.0-6.el8_6.14   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.1.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:1.20.11-5.el8_6.3   < *
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Telecommunications Update Service Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.20.11-16.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:1.12.0-15.el8_8.14   < *
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_tus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions Unaffected: 0:21.1.3-11.el8_8   < *
    cpe:/a:redhat:rhel_tus:8.8::appstream
    cpe:/a:redhat:rhel_e4s:8.8::appstream
    cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.20.11-31.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:23.2.7-4.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:1.14.1-8.el9_6   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:21.1.3-3.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.20.11-11.el9_0   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:1.11.0-22.el9_0.15   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:21.1.3-8.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.20.11-18.el9_2   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions Unaffected: 0:1.12.0-14.el9_2.12   < *
    cpe:/a:redhat:rhel_e4s:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:22.1.9-6.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.20.11-26.el9_4   < *
    cpe:/a:redhat:rhel_eus:9.4::crb
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:1.13.1-8.el9_4.7   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49175",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:53:24.755088Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:53:37.144Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X Rendering extension\u0027s handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:04:24.183Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49175"
        },
        {
          "name": "RHBZ#2369947",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T05:39:18.827000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49175",
    "datePublished": "2025-06-17T14:39:39.428Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:04:24.183Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-6052 (GCVE-0-2025-6052)
Vulnerability from cvelistv5
Published
2025-06-13 15:40
Modified
2025-06-13 15:58
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in how GLib’s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn’t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption.
References
Impacted products
Vendor Product Version
Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-6052",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-13T15:58:19.551063Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-13T15:58:31.440Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glycin-loaders",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "loupe",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rpm-ostree",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Philip Withnall for reporting this issue."
        }
      ],
      "datePublic": "2025-06-13T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in how GLib\u2019s GString manages memory when adding data to strings. If a string is already very large, combining it with more input can cause a hidden overflow in the size calculation. This makes the system think it has enough memory when it doesn\u2019t. As a result, data may be written past the end of the allocated memory, leading to crashes or memory corruption."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-13T15:40:38.541Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-6052"
        },
        {
          "name": "RHBZ#2372666",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372666"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-13T11:54:49.481000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-13T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Glib: integer overflow in g_string_maybe_expand() leading to potential buffer overflow in glib gstring",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-6052",
    "datePublished": "2025-06-13T15:40:38.541Z",
    "dateReserved": "2025-06-13T12:02:40.494Z",
    "dateUpdated": "2025-06-13T15:58:31.440Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32906 (GCVE-0-2025-32906)
Vulnerability from cvelistv5
Published
2025-04-14 13:58
Modified
2025-07-29 00:25
CWE
Summary
A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server.
References
https://access.redhat.com/errata/RHSA-2025:4439 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4538 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4609 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4624 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7505 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32906 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359341 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10 Unaffected: 0:3.6.5-3.el10_0   < *
    cpe:/o:redhat:enterprise_linux:10.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.4   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/o:redhat:rhel_e4s:8.4::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/a:redhat:rhel_eus:8.8::appstream
    cpe:/o:redhat:rhel_eus:8.8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32906",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T14:13:49.519508Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T18:06:07.759Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.6.5-3.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream",
            "cpe:/o:redhat:rhel_eus:8.8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup, where the soup_headers_parse_request() function may be vulnerable to an out-of-bound read. This flaw allows a malicious user to use a specially crafted HTTP request to crash the HTTP server."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:25:03.495Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4439"
        },
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4538",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4538"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:4609",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4609"
        },
        {
          "name": "RHSA-2025:4624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4624"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:7505",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7505"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32906"
        },
        {
          "name": "RHBZ#2359341",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359341"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:27:05.130000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: out of bounds reads in soup_headers_parse_request()",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation was found for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32906",
    "datePublished": "2025-04-14T13:58:39.718Z",
    "dateReserved": "2025-04-14T01:37:48.152Z",
    "dateUpdated": "2025-07-29T00:25:03.495Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-46420 (GCVE-0-2025-46420)
Vulnerability from cvelistv5
Published
2025-04-24 12:58
Modified
2025-07-29 13:33
CWE
  • CWE-401 - Missing Release of Memory after Effective Lifetime
Summary
A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes.
References
https://access.redhat.com/errata/RHSA-2025:4439 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4538 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4609 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4624 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-46420 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2361963 issue-tracking, x_refsource_REDHAT
https://gitlab.gnome.org/GNOME/libsoup/-/issues/438
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/o:redhat:enterprise_linux:8::baseos
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.4   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/a:redhat:rhel_e4s:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-46420",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-24T13:14:47.382231Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-29T13:33:33.836Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::baseos",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. It is vulnerable to memory leaks in the soup_header_parse_quality_list() function when parsing a quality list that contains elements with all zeroes."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-401",
              "description": "Missing Release of Memory after Effective Lifetime",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-28T12:55:27.569Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4439"
        },
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4538",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4538"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:4609",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4609"
        },
        {
          "name": "RHSA-2025:4624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4624"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-46420"
        },
        {
          "name": "RHBZ#2361963",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2361963"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/libsoup/-/issues/438"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-24T01:33:03.009000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-401: Missing Release of Memory after Effective Lifetime"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-46420",
    "datePublished": "2025-04-24T12:58:01.121Z",
    "dateReserved": "2025-04-24T01:37:42.412Z",
    "dateUpdated": "2025-07-29T13:33:33.836Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-8445 (GCVE-0-2024-8445)
Vulnerability from cvelistv5
Published
2024-09-05 14:24
Modified
2025-08-03 08:44
CWE
  • CWE-20 - Improper Input Validation
Summary
The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input.
References
https://access.redhat.com/errata/RHSA-2024:7434 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-8445 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2310110 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 3.1.1   
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-8445",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-05T19:58:06.641154Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-05T19:58:15.942Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/389ds/389-ds-base",
          "defaultStatus": "unknown",
          "packageName": "389-ds-base",
          "versions": [
            {
              "status": "affected",
              "version": "3.1.1",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.3.11.1-7.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:11"
          ],
          "defaultStatus": "unaffected",
          "packageName": "redhat-ds:11/389-ds-base",
          "product": "Red Hat Directory Server 11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:directory_server:12"
          ],
          "defaultStatus": "unaffected",
          "packageName": "redhat-ds:12/389-ds-base",
          "product": "Red Hat Directory Server 12",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds:1.4/389-ds-base",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "389-ds-base",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-09-05T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all scenarios. In certain product versions, an authenticated user may cause a server crash while modifying `userPassword` using malformed input."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:44:47.681Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:7434",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:7434"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-8445"
        },
        {
          "name": "RHBZ#2310110",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2310110"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-09-05T00:18:40.983000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-09-05T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "389-ds-base: server crash while modifying `userpassword` using malformed input (incomplete fix for cve-2024-2199)",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-20: Improper Input Validation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-8445",
    "datePublished": "2024-09-05T14:24:01.125Z",
    "dateReserved": "2024-09-05T00:28:32.318Z",
    "dateUpdated": "2025-08-03T08:44:47.681Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6655 (GCVE-0-2024-6655)
Vulnerability from cvelistv5
Published
2024-07-16 15:05
Modified
2025-08-03 08:43
CWE
  • CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory.
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:3.22.30-12.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:3.24.31-5.el9   < *
    cpe:/a:redhat:enterprise_linux:9::crb
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6655",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-16T18:07:04.082353Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-17T15:48:02.984Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-09-09T17:02:46.907Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6655"
          },
          {
            "name": "RHBZ#2297098",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297098"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/7361/diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0"
          },
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/09/09/1"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gtk.org/",
          "defaultStatus": "unaffected",
          "packageName": "gtk",
          "versions": [
            {
              "lessThan": "3.24.43",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "gtk3",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.22.30-12.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::crb",
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "gtk3",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.24.31-5.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gtk3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gtk4",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "gtk2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gtk2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "gtk3",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gimp:flatpak/gtk2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "gtk2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "inkscape:flatpak/gtk2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "gtk2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "gtk4",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-06-15T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the GTK library. Under certain conditions, it is possible for a library to be injected into a GTK application from the current working directory."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T08:43:50.080Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:6963",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:6963"
        },
        {
          "name": "RHSA-2024:9184",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9184"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6655"
        },
        {
          "name": "RHBZ#2297098",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2297098"
        },
        {
          "url": "https://gitlab.gnome.org/GNOME/gtk/-/merge_requests/7361/diffs?commit_id=3bbf0b6176d42836d23c36a6ac410e807ec0a7a7#diff-content-e3fbe6480add9420b69f82374fb26ccac2c015a0"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/09/09/1"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-10T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-06-15T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Gtk3: gtk2: library injection from cwd",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6655",
    "datePublished": "2024-07-16T15:05:55.424Z",
    "dateReserved": "2024-07-10T13:48:56.542Z",
    "dateUpdated": "2025-08-03T08:43:50.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-5449 (GCVE-0-2025-5449)
Vulnerability from cvelistv5
Published
2025-07-25 17:19
Modified
2025-08-14 00:41
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service.
Impacted products
Vendor Product Version
Version: 0.11.0    0.11.1
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-5449",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-07-25T17:33:59.050638Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-07-25T17:34:41.318Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.libssh.org",
          "defaultStatus": "unaffected",
          "packageName": "libssh",
          "versions": [
            {
              "lessThanOrEqual": "0.11.1",
              "status": "affected",
              "version": "0.11.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libssh",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Ronald Crane for reporting this issue."
        }
      ],
      "datePublic": "2025-06-24T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T00:41:42.160Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-5449"
        },
        {
          "name": "RHBZ#2369705",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369705"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11\u0026id=261612179f740bc62ba363d98b3bd5e5573a811f"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11\u0026id=3443aec90188d6aab9282afc80a81df5ab72c4da"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11\u0026id=5504ff40515439a5fecbb17da7483000c4d12eb7"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11\u0026id=78485f446af9b30e37eb8f177b81940710d54496"
        },
        {
          "url": "https://git.libssh.org/projects/libssh.git/commit/?h=stable-0.11\u0026id=f79ec51b7fd519dbc5737a7ba826e3ed093f6ceb"
        },
        {
          "url": "https://www.libssh.org/security/advisories/CVE-2025-5449.txt"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-02T06:50:26.935000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-24T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-5449",
    "datePublished": "2025-07-25T17:19:39.345Z",
    "dateReserved": "2025-06-02T07:10:17.845Z",
    "dateUpdated": "2025-08-14T00:41:42.160Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11029 (GCVE-0-2024-11029)
Vulnerability from cvelistv5
Published
2025-01-15 12:55
Modified
2025-08-03 05:58
CWE
  • CWE-497 - Exposure of Sensitive System Information to an Unauthorized Control Sphere
Summary
A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials.
References
https://access.redhat.com/errata/RHSA-2025:0334 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11029 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2325557 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:4.12.2-1.el9_5.3   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/a:redhat:enterprise_linux:9::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11029",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-15T14:29:15.574700Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-15T14:29:30.192Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/freeipa/freeipa",
          "defaultStatus": "unknown",
          "packageName": "freeipa",
          "versions": [
            {
              "status": "unaffected",
              "version": "4.12.2",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:4.12.2-1.el9_5.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "ipa",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "idm:client/ipa",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "idm:DL1/ipa",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-01-15T12:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the FreeIPA API audit, where it sends the whole FreeIPA command line to journalctl. As a consequence, during the FreeIPA installation process, it inadvertently leaks the administrative user credentials, including the administrator password, to the journal database. In the worst-case scenario, where the journal log is centralized, users with access to it can have improper access to the FreeIPA administrator credentials."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-497",
              "description": "Exposure of Sensitive System Information to an Unauthorized Control Sphere",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T05:58:28.580Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:0334",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0334"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-11029"
        },
        {
          "name": "RHBZ#2325557",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2325557"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-12T16:11:20.270000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-01-15T12:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Freeipa: administrative user data leaked through systemd journal",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-11029",
    "datePublished": "2025-01-15T12:55:30.964Z",
    "dateReserved": "2024-11-08T21:02:38.159Z",
    "dateUpdated": "2025-08-03T05:58:28.580Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-3056 (GCVE-0-2024-3056)
Vulnerability from cvelistv5
Published
2024-08-02 20:37
Modified
2025-08-03 05:58
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Summary
A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container's cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system.
References
Impacted products
Vendor Product Version
Version: 5.0.0
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 3.11     cpe:/a:redhat:openshift:3.11
Create a notification for this product.
   Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-3056",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-03T18:09:31.742310Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-03T18:09:40.413Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-27T16:03:02.350Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://security.netapp.com/advisory/ntap-20241227-0002/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/containers/podman",
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "versions": [
            {
              "status": "affected",
              "version": "5.0.0"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:4.0/podman",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "container-tools:rhel8/podman",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "kernel-rt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:3.11"
          ],
          "defaultStatus": "unknown",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 3.11",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "podman",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-07-25T07:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in Podman. This issue may allow an attacker to create a specially crafted container that, when configured to share the same IPC with at least one other container, can create a large number of IPC resources in /dev/shm. The malicious container will continue to exhaust resources until it is out-of-memory (OOM) killed. While the malicious container\u0027s cgroup will be removed, the IPC resources it created are not. Those resources are tied to the IPC namespace that will not be removed until all containers using it are stopped, and one non-malicious container is holding the namespace open. The malicious container is restarted, either automatically or by attacker control, repeating the process and increasing the amount of memory consumed. With a container configured to restart always, such as `podman run --restart=always`, this can result in a memory-based denial of service of the system."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-03T05:58:07.708Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-3056"
        },
        {
          "name": "RHBZ#2270717",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2270717"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-03-21T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-25T07:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Podman: kernel: containers in shared ipc namespace are vulnerable to denial of service attack",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-3056",
    "datePublished": "2024-08-02T20:37:59.053Z",
    "dateReserved": "2024-03-28T19:59:39.848Z",
    "dateUpdated": "2025-08-03T05:58:07.708Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-45780 (GCVE-0-2024-45780)
Vulnerability from cvelistv5
Published
2025-03-03 14:18
Modified
2025-07-29 09:41
CWE
Summary
A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections.
Impacted products
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-45780",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-03T15:07:37.406667Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-03T15:07:47.085Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://www.gnu.org/software/grub/",
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "versions": [
            {
              "lessThanOrEqual": "2.12",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "unaffected",
          "packageName": "grub2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-02-18T18:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It\u0027s possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-787",
              "description": "Out-of-bounds Write",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T09:41:11.408Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-45780"
        },
        {
          "name": "RHBZ#2345856",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345856"
        },
        {
          "url": "https://lists.gnu.org/archive/html/grub-devel/2025-02/msg00024.html"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-02-14T21:26:01.414000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-02-18T18:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Grub2: fs/tar: integer overflow causes heap oob write",
      "workarounds": [
        {
          "lang": "en",
          "value": "Do not run grub2 in an untrusted environment, specifically with a tar file system image."
        }
      ],
      "x_redhatCweChain": "CWE-190-\u003eCWE-787: Integer Overflow or Wraparound leads to Out-of-bounds Write"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-45780",
    "datePublished": "2025-03-03T14:18:50.957Z",
    "dateReserved": "2024-09-08T01:57:12.948Z",
    "dateUpdated": "2025-07-29T09:41:11.408Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-6126 (GCVE-0-2024-6126)
Vulnerability from cvelistv5
Published
2024-07-03 14:51
Modified
2025-06-26 13:24
CWE
  • CWE-400 - Uncontrolled Resource Consumption
Summary
A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.
References
https://access.redhat.com/errata/RHSA-2024:9325 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-6126 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2292897 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:323.1-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:323.1-1.el9_5   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
    cpe:/o:redhat:enterprise_linux:9::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6126",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T14:14:09.489434Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T19:59:25.792Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:33:04.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6126"
          },
          {
            "name": "RHBZ#2292897",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292897"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/cockpit-project/cockpit",
          "defaultStatus": "affected",
          "packageName": "cockpit"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:323.1-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:323.1-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Paolo Perego (OpenSUSE) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env\u0027s user_readenv option, which leads to a denial of service (DoS) attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-06-26T13:24:22.793Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9325",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9325"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6126"
        },
        {
          "name": "RHBZ#2292897",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292897"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-18T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Cockpit: authenticated user can kill any process when enabling pam_env\u0027s user_readenv option",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disable pam_env\u0027s `user_readenv` option in PAM config."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6126",
    "datePublished": "2024-07-03T14:51:17.880Z",
    "dateReserved": "2024-06-18T14:25:04.791Z",
    "dateUpdated": "2025-06-26T13:24:22.793Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32052 (GCVE-0-2025-32052)
Vulnerability from cvelistv5
Published
2025-04-03 13:37
Modified
2025-07-29 07:20
CWE
Summary
A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read.
References
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32052 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2357069 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32052",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-03T14:44:39.371468Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-03T14:45:08.025Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-126",
              "description": "Buffer Over-read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:20:14.565Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32052"
        },
        {
          "name": "RHBZ#2357069",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357069"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-03T01:16:47.177000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: heap buffer overflow in sniff_unknown()",
      "workarounds": [
        {
          "lang": "en",
          "value": "No mitigation is currently available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-126: Buffer Over-read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32052",
    "datePublished": "2025-04-03T13:37:23.109Z",
    "dateReserved": "2025-04-03T01:42:14.135Z",
    "dateUpdated": "2025-07-29T07:20:14.565Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32910 (GCVE-0-2025-32910)
Vulnerability from cvelistv5
Published
2025-04-14 14:43
Modified
2025-07-29 07:22
CWE
  • CWE-476 - NULL Pointer Dereference
Summary
A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash.
References
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32910 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359354 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::crb
    cpe:/a:redhat:enterprise_linux:8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32910",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-14T14:54:36.566630Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-14T14:54:59.561Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in libsoup, where soup_auth_digest_authenticate() is vulnerable to a NULL pointer dereference. This issue may cause the libsoup client to crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-476",
              "description": "NULL Pointer Dereference",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T07:22:48.635Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32910"
        },
        {
          "name": "RHBZ#2359354",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359354"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:21:00.292000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: null pointer deference on libsoup via  /auth/soup-auth-digest.c through \"soup_auth_digest_authenticate\" on  client when server omits the \"realm\" parameter in an unauthorized  response with digest authentication",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-476: NULL Pointer Dereference"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32910",
    "datePublished": "2025-04-14T14:43:20.175Z",
    "dateReserved": "2025-04-14T01:59:13.827Z",
    "dateUpdated": "2025-07-29T07:22:48.635Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-3360 (GCVE-0-2025-3360)
Vulnerability from cvelistv5
Published
2025-04-07 12:53
Modified
2025-07-29 14:22
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function.
References
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7     cpe:/o:redhat:enterprise_linux:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8     cpe:/o:redhat:enterprise_linux:8
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9     cpe:/o:redhat:enterprise_linux:9
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-3360",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-07T13:23:42.465415Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-09T18:29:26.350Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-04-14T12:04:48.978Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/04/msg00024.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/glib",
          "defaultStatus": "unaffected",
          "packageName": "glib",
          "versions": [
            {
              "lessThan": "2.82.5",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "glycin-loaders",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "loupe",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "bootc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "librsvg2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-glib2",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-07T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in GLib. An integer overflow and buffer under-read occur when parsing a long invalid ISO 8601 timestamp with the g_date_time_new_from_iso8601() function."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T14:22:11.859Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-3360"
        },
        {
          "name": "RHBZ#2357754",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2357754"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-07T01:36:36.703000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-07T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Glibc: glib prior to 2.82.5 is vulnerable to integer  overflow and buffer under-read when parsing a very long invalid iso  8601 timestamp with g_date_time_new_from_iso8601().",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-3360",
    "datePublished": "2025-04-07T12:53:55.924Z",
    "dateReserved": "2025-04-07T01:50:45.607Z",
    "dateUpdated": "2025-07-29T14:22:11.859Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-32911 (GCVE-0-2025-32911)
Vulnerability from cvelistv5
Published
2025-04-15 15:39
Modified
2025-07-29 00:26
Severity ?
CWE
  • CWE-590 - Free of Memory not on the Heap
Summary
A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server.
References
https://access.redhat.com/errata/RHSA-2025:4439 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4440 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4508 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4538 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4560 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4568 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4609 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:4624 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:7436 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:8292 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:9179 vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2025-32911 vdb-entry, x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2359355 issue-tracking, x_refsource_REDHAT
Impacted products
Vendor Product Version
Version: 0   
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 7 Extended Lifecycle Support Unaffected: 0:2.62.2-6.el7_9   < *
    cpe:/o:redhat:rhel_els:7
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.8-3.el8_10.1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:8.10-1   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:2.62.3-8.el8_10   < *
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/o:redhat:enterprise_linux:8::baseos
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.2 Advanced Update Support Unaffected: 0:2.62.3-1.el8_2.4   < *
    cpe:/o:redhat:rhel_aus:8.2::baseos
    cpe:/a:redhat:rhel_aus:8.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_4.4   < *
    cpe:/o:redhat:rhel_aus:8.4::baseos
    cpe:/a:redhat:rhel_aus:8.4::appstream
    cpe:/o:redhat:rhel_tus:8.4::baseos
    cpe:/a:redhat:rhel_e4s:8.4::appstream
    cpe:/o:redhat:rhel_e4s:8.4::baseos
    cpe:/a:redhat:rhel_tus:8.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:2.62.3-2.el8_6.4   < *
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/o:redhat:rhel_e4s:8.6::baseos
    cpe:/o:redhat:rhel_tus:8.6::baseos
    cpe:/a:redhat:rhel_aus:8.6::appstream
    cpe:/o:redhat:rhel_aus:8.6::baseos
    cpe:/a:redhat:rhel_e4s:8.6::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:2.62.3-3.el8_8.4   < *
    cpe:/o:redhat:rhel_eus:8.8::baseos
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9 Unaffected: 0:2.72.0-10.el9_6.1   < *
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 0:2.72.0-8.el9_0.4   < *
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 0:2.72.0-8.el9_2.4   < *
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 0:2.72.0-8.el9_4.4   < *
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 10     cpe:/o:redhat:enterprise_linux:10
Create a notification for this product.
   Red Hat Red Hat Enterprise Linux 6     cpe:/o:redhat:enterprise_linux:6
Create a notification for this product.
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-32911",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-15T15:57:21.589990Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-15T15:57:38.074Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://gitlab.gnome.org/GNOME/libsoup/",
          "defaultStatus": "unaffected",
          "packageName": "libsoup",
          "versions": [
            {
              "lessThan": "3.6.3",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.2-6.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "mingw-freetype",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.8-3.el8_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "spice-client-win",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:8.10-1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/o:redhat:enterprise_linux:8::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-8.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.2::baseos",
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-1.el8_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:8.4::baseos",
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/o:redhat:rhel_tus:8.4::baseos",
            "cpe:/a:redhat:rhel_e4s:8.4::appstream",
            "cpe:/o:redhat:rhel_e4s:8.4::baseos",
            "cpe:/a:redhat:rhel_tus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/o:redhat:rhel_e4s:8.6::baseos",
            "cpe:/o:redhat:rhel_tus:8.6::baseos",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/o:redhat:rhel_aus:8.6::baseos",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_eus:8.8::baseos",
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.62.3-3.el8_8.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-10.el9_6.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_0.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_2.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:2.72.0-8.el9_4.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libsoup3",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libsoup",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-04-14T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A use-after-free type vulnerability was found in libsoup, in the soup_message_headers_get_content_disposition() function. This flaw allows a malicious HTTP client to cause memory corruption in the libsoup server."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-590",
              "description": "Free of Memory not on the Heap",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-29T00:26:14.313Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:4439",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4439"
        },
        {
          "name": "RHSA-2025:4440",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4440"
        },
        {
          "name": "RHSA-2025:4508",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4508"
        },
        {
          "name": "RHSA-2025:4538",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4538"
        },
        {
          "name": "RHSA-2025:4560",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4560"
        },
        {
          "name": "RHSA-2025:4568",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4568"
        },
        {
          "name": "RHSA-2025:4609",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4609"
        },
        {
          "name": "RHSA-2025:4624",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:4624"
        },
        {
          "name": "RHSA-2025:7436",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:7436"
        },
        {
          "name": "RHSA-2025:8292",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:8292"
        },
        {
          "name": "RHSA-2025:9179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9179"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-32911"
        },
        {
          "name": "RHBZ#2359355",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359355"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-04-14T01:21:00.518000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-04-14T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libsoup: double free on  soup_message_headers_get_content_disposition() through  \"soup-message-headers.c\" via \"params\" ghashtable value",
      "workarounds": [
        {
          "lang": "en",
          "value": "Currently, no mitigation is available for this vulnerability."
        }
      ],
      "x_redhatCweChain": "CWE-590: Free of Memory not on the Heap"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-32911",
    "datePublished": "2025-04-15T15:39:34.919Z",
    "dateReserved": "2025-04-14T01:59:13.827Z",
    "dateUpdated": "2025-07-29T00:26:14.313Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}