A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly.
Metrics
Affected Vendors & Products
References
History
Fri, 16 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
| |
Metrics |
ssvc
|
Fri, 09 Aug 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 08 Aug 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A NULL pointer dereference flaw was found in the ub_ctx_set_fwd function in Unbound. This issue could allow an attacker who can invoke specific sequences of API calls to cause a segmentation fault. When certain API functions such as ub_ctx_set_fwd and ub_ctx_resolvconf are called in a particular order, the program attempts to read from a NULL pointer, leading to a crash. This issue can result in a denial of service by causing the application to terminate unexpectedly. |
Title | unbound: NULL Pointer Dereference in Unbound | Unbound: null pointer dereference in unbound |
First Time appeared |
Redhat
Redhat enterprise Linux Redhat openshift Redhat openstack |
|
CPEs | cpe:/a:redhat:openshift:4 cpe:/a:redhat:openstack:16.2 cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:openstack:18.0 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat openshift Redhat openstack |
|
References |
|
Wed, 07 Aug 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | unbound: NULL Pointer Dereference in Unbound | |
Weaknesses | CWE-476 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-08-08T20:24:49.932Z
Updated: 2024-08-19T16:59:38.739Z
Reserved: 2024-08-07T13:02:00.798Z
Link: CVE-2024-43167
Vulnrichment
Updated: 2024-08-16T20:02:53.862Z
NVD
Status : Awaiting Analysis
Published: 2024-08-12T13:38:35.927
Modified: 2024-08-12T13:41:36.517
Link: CVE-2024-43167
Redhat