A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system.
Metrics
Affected Vendors & Products
References
History
Fri, 09 Aug 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Thu, 08 Aug 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system. |
Title | unbound: Heap-Buffer-Overflow in Unbound | Unbound: heap-buffer-overflow in unbound |
First Time appeared |
Redhat
Redhat enterprise Linux Redhat openshift Redhat openstack |
|
CPEs | cpe:/a:redhat:openshift:4 cpe:/a:redhat:openstack:16.2 cpe:/a:redhat:openstack:17.1 cpe:/a:redhat:openstack:18.0 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9 |
|
Vendors & Products |
Redhat
Redhat enterprise Linux Redhat openshift Redhat openstack |
|
References |
|
Wed, 07 Aug 2024 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | No description is available for this CVE. | |
Title | unbound: Heap-Buffer-Overflow in Unbound | |
Weaknesses | CWE-122 | |
References |
| |
Metrics |
threat_severity
|
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2024-08-08T20:25:24.723Z
Updated: 2024-08-19T16:59:40.785Z
Reserved: 2024-08-07T13:02:00.798Z
Link: CVE-2024-43168
Vulnrichment
Updated: 2024-08-09T19:19:07.895Z
NVD
Status : Awaiting Analysis
Published: 2024-08-12T13:38:36.187
Modified: 2024-08-12T13:41:36.517
Link: CVE-2024-43168
Redhat