A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Affected Vendors & Products

Vendors Products
Redhat
  • Enterprise Linux
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Tus

No data.

Package CPE Advisory Released Date
Red Hat Enterprise Linux 8
unbound-0:1.16.2-5.el8_9.6 cpe:/a:redhat:enterprise_linux:8 RHSA-2024:1751 2024-04-11T00:00:00Z
Red Hat Enterprise Linux 8.2 Advanced Update Support
unbound-0:1.7.3-12.el8_2.1 cpe:/a:redhat:rhel_aus:8.2 RHSA-2024:2696 2024-05-06T00:00:00Z
Red Hat Enterprise Linux 8.2 Telecommunications Update Service
unbound-0:1.7.3-12.el8_2.1 cpe:/a:redhat:rhel_tus:8.2 RHSA-2024:2696 2024-05-06T00:00:00Z
Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions
unbound-0:1.7.3-12.el8_2.1 cpe:/a:redhat:rhel_e4s:8.2 RHSA-2024:2696 2024-05-06T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
unbound-0:1.7.3-15.el8_4.1 cpe:/a:redhat:rhel_aus:8.4 RHSA-2024:2587 2024-04-30T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
unbound-0:1.7.3-15.el8_4.1 cpe:/a:redhat:rhel_tus:8.4 RHSA-2024:2587 2024-04-30T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
unbound-0:1.7.3-15.el8_4.1 cpe:/a:redhat:rhel_e4s:8.4 RHSA-2024:2587 2024-04-30T00:00:00Z
Red Hat Enterprise Linux 8.6 Extended Update Support
unbound-0:1.7.3-17.el8_6.4 cpe:/a:redhat:rhel_eus:8.6 RHSA-2024:1804 2024-04-15T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
unbound-0:1.16.2-5.el8_8.4 cpe:/a:redhat:rhel_eus:8.8 RHSA-2024:1802 2024-04-15T00:00:00Z
Red Hat Enterprise Linux 9
unbound-0:1.16.2-3.el9_3.5 cpe:/a:redhat:enterprise_linux:9 RHSA-2024:1750 2024-04-10T00:00:00Z
Red Hat Enterprise Linux 9.0 Extended Update Support
unbound-0:1.13.1-13.el9_0.4 cpe:/a:redhat:rhel_eus:9.0 RHSA-2024:1801 2024-04-15T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
unbound-0:1.16.2-3.el9_2.4 cpe:/a:redhat:rhel_eus:9.2 RHSA-2024:1780 2024-04-11T00:00:00Z
References
Link Providers
https://access.redhat.com/errata/RHSA-2024:1750 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1751 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1780 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1801 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1802 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:1804 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2587 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2024:2696 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2024-1488 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2264183 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-1488 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-1488 cve-icon
History

Wed, 06 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}
cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-02-15T05:04:13.994Z

Updated: 2024-11-13T14:45:55.751Z

Reserved: 2024-02-14T12:47:25.283Z

Link: CVE-2024-1488

cve-icon Vulnrichment

Updated: 2024-08-01T18:40:21.182Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-02-15T05:15:10.257

Modified: 2024-11-21T08:50:41.490

Link: CVE-2024-1488

cve-icon Redhat

Severity : Important

Publid Date: 2024-02-13T00:00:00Z

Links: CVE-2024-1488 - Bugzilla