Common Weakness Enumeration

CWE-125

Out-of-bounds Read

The product reads data past the end, or before the beginning, of the intended buffer.

CVE-2024-11562 (GCVE-0-2024-11562)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:47 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24858.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:48
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11562",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:18:52.120895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:47.991Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:07.711Z",
      "datePublic": "2024-11-21T20:48:15.469Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24858."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:47:41.768Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1572",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1572/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11562",
    "datePublished": "2024-11-22T20:47:41.768Z",
    "dateReserved": "2024-11-20T21:56:07.662Z",
    "dateUpdated": "2024-11-22T21:35:47.991Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11563 (GCVE-0-2024-11563)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:47 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24860.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:48
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11563",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:18:47.002003Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:48.163Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:11.527Z",
      "datePublic": "2024-11-21T20:48:51.745Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24860."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:47:58.945Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1576",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1576/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11563",
    "datePublished": "2024-11-22T20:47:58.945Z",
    "dateReserved": "2024-11-20T21:56:11.479Z",
    "dateUpdated": "2024-11-22T21:35:48.163Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11565 (GCVE-0-2024-11565)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:46 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24866.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:47
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11565",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:18:58.295106Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:48.388Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:23.297Z",
      "datePublic": "2024-11-21T20:47:30.297Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of CGM files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24866."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:46:45.733Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1567",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1567/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView CGM File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11565",
    "datePublished": "2024-11-22T20:46:45.733Z",
    "dateReserved": "2024-11-20T21:56:23.242Z",
    "dateUpdated": "2024-11-22T21:35:48.388Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11566 (GCVE-0-2024-11566)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:46 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24868.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:47
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11566",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:19:03.129986Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:48.488Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:27.413Z",
      "datePublic": "2024-11-21T20:47:03.437Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24868."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:46:33.614Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1564",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1564/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11566",
    "datePublished": "2024-11-22T20:46:33.614Z",
    "dateReserved": "2024-11-20T21:56:27.362Z",
    "dateUpdated": "2024-11-22T21:35:48.488Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11567 (GCVE-0-2024-11567)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:47 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24871.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:48
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11567",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:18:48.269927Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:48.587Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:32.817Z",
      "datePublic": "2024-11-21T20:48:43.918Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24871."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:47:54.879Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1575",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1575/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11567",
    "datePublished": "2024-11-22T20:47:54.879Z",
    "dateReserved": "2024-11-20T21:56:32.769Z",
    "dateUpdated": "2024-11-22T21:35:48.587Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11568 (GCVE-0-2024-11568)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:46 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24872.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:46
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11568",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:19:04.851404Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:48.701Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:40.053Z",
      "datePublic": "2024-11-21T20:46:54.566Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24872."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:46:29.774Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1563",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1563/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11568",
    "datePublished": "2024-11-22T20:46:29.774Z",
    "dateReserved": "2024-11-20T21:56:40.005Z",
    "dateUpdated": "2024-11-22T21:35:48.701Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11569 (GCVE-0-2024-11569)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:47 – Updated: 2024-11-22 21:35
VLAI
Title
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24873.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:48
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11569",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:18:49.649755Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:35:48.808Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:45.486Z",
      "datePublic": "2024-11-21T20:48:35.530Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24873."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:47:50.508Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1574",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1574/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11569",
    "datePublished": "2024-11-22T20:47:50.508Z",
    "dateReserved": "2024-11-20T21:56:45.424Z",
    "dateUpdated": "2024-11-22T21:35:48.808Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11571 (GCVE-0-2024-11571)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:46 – Updated: 2024-11-22 21:45
VLAI
Title
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24895.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
IrfanView IrfanView Affected: 4.67.0.0
Create a notification for this product.
irfanview irfanview Affected: 4.67 , < 4.70 (custom)
    cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 20:47
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:irfanview:irfanview:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "irfanview",
            "vendor": "irfanview",
            "versions": [
              {
                "lessThan": "4.70",
                "status": "affected",
                "version": "4.67",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11571",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-22T21:18:59.580907Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-11-22T21:45:54.608Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "IrfanView",
          "vendor": "IrfanView",
          "versions": [
            {
              "status": "affected",
              "version": "4.67.0.0"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T21:56:55.961Z",
      "datePublic": "2024-11-21T20:47:20.363Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of IrfanView. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24895."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:46:41.406Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1566",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1566/"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Rocco Calvi (@TecR0c) with TecSecurity"
      },
      "title": "IrfanView DXF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11571",
    "datePublished": "2024-11-22T20:46:41.406Z",
    "dateReserved": "2024-11-20T21:56:55.908Z",
    "dateUpdated": "2024-11-22T21:45:54.608Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11581 (GCVE-0-2024-11581)

Vulnerability from cvelistv5 – Published: 2024-11-22 20:44 – Updated: 2024-12-04 21:32
VLAI
Title
Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
Summary
Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of jt files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23826.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
Assigner
zdi
References
Impacted products
Vendor Product Version
Luxion KeyShot Affected: 2024 13.0.0 Build 92 4.10.171
Create a notification for this product.
luxion keyshot Affected: 2024 13.0.0 Build 92 4.10.171
    cpe:2.3:a:luxion:keyshot:2024:*:*:*:*:*:*:*
Create a notification for this product.
Date Public
2024-11-21 21:25
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:luxion:keyshot:2024:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "keyshot",
            "vendor": "luxion",
            "versions": [
              {
                "status": "affected",
                "version": "2024 13.0.0 Build 92 4.10.171"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11581",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-11-26T15:15:56.582008Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-04T21:32:46.182Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "KeyShot",
          "vendor": "Luxion",
          "versions": [
            {
              "status": "affected",
              "version": "2024 13.0.0 Build 92 4.10.171"
            }
          ]
        }
      ],
      "dateAssigned": "2024-11-20T22:00:59.203Z",
      "datePublic": "2024-11-21T21:25:01.421Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.\n\nThe specific flaw exists within the parsing of jt files. The issue results from the lack of proper validation of user-supplied data, which can result in a read before the start of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23826."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "CWE-125: Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-11-22T20:44:07.235Z",
        "orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
        "shortName": "zdi"
      },
      "references": [
        {
          "name": "ZDI-24-1612",
          "tags": [
            "x_research-advisory"
          ],
          "url": "https://www.zerodayinitiative.com/advisories/ZDI-24-1612/"
        },
        {
          "name": "vendor-provided URL",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://download.keyshot.com/cert/ksa-655925/ksa-655925.pdf?version=1.0\u0026_gl=1*1vzfrlf*_gcl_au*MTIxNTA2Njg4MS4xNzMxNTMwMjIx"
        }
      ],
      "source": {
        "lang": "en",
        "value": "Anonymous"
      },
      "title": "Luxion KeyShot JT File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
    "assignerShortName": "zdi",
    "cveId": "CVE-2024-11581",
    "datePublished": "2024-11-22T20:44:07.235Z",
    "dateReserved": "2024-11-20T22:00:59.154Z",
    "dateUpdated": "2024-12-04T21:32:46.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-11614 (GCVE-0-2024-11614)

Vulnerability from cvelistv5 – Published: 2024-12-18 08:30 – Updated: 2025-11-20 00:59
VLAI
Title
Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library
Summary
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
References
URL Tags
https://access.redhat.com/errata/RHSA-2025:0208 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0209 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0210 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0211 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0220 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0221 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:0222 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3963 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3964 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3965 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2025:3970 vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-11614 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2327955 issue-trackingx_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/12/17/3
Impacted products
Vendor Product Version
Affected: 21.05 , < 21.11-4 (semver)
Red Hat Fast Datapath for Red Hat Enterprise Linux 8 Unaffected: 0:3.1.0-159.el8fdp , < * (rpm)
    cpe:/o:redhat:enterprise_linux:8::fastdatapath
Create a notification for this product.
Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:3.1.0-149.el9fdp , < * (rpm)
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
Create a notification for this product.
Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:3.3.0-92.el9fdp , < * (rpm)
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
Create a notification for this product.
Red Hat Fast Datapath for Red Hat Enterprise Linux 9 Unaffected: 0:3.4.0-48.el9fdp , < * (rpm)
    cpe:/o:redhat:enterprise_linux:9::fastdatapath
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8 Unaffected: 0:23.11-2.el8_10 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:8::appstream
    cpe:/a:redhat:enterprise_linux:8::crb
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support Unaffected: 0:21.11-3.el8_6 , < * (rpm)
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8.6 Telecommunications Update Service Unaffected: 0:21.11-3.el8_6 , < * (rpm)
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions Unaffected: 0:21.11-3.el8_6 , < * (rpm)
    cpe:/a:redhat:rhel_e4s:8.6::appstream
    cpe:/a:redhat:rhel_tus:8.6::appstream
    cpe:/a:redhat:rhel_aus:8.6::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 8.8 Extended Update Support Unaffected: 0:21.11-4.el8_8 , < * (rpm)
    cpe:/a:redhat:rhel_eus:8.8::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9 Unaffected: 2:23.11-2.el9_5 , < * (rpm)
    cpe:/a:redhat:enterprise_linux:9::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions Unaffected: 2:21.11-3.el9_0 , < * (rpm)
    cpe:/a:redhat:rhel_e4s:9.0::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9.2 Extended Update Support Unaffected: 2:22.11-4.el9_2 , < * (rpm)
    cpe:/a:redhat:rhel_eus:9.2::appstream
Create a notification for this product.
Red Hat Red Hat Enterprise Linux 9.4 Extended Update Support Unaffected: 2:23.11-2.el9_4 , < * (rpm)
    cpe:/a:redhat:rhel_eus:9.4::appstream
Create a notification for this product.
Red Hat Fast Datapath for RHEL 7     cpe:/o:redhat:enterprise_linux:7::fastdatapath
Create a notification for this product.
Red Hat Fast Datapath for RHEL 8     cpe:/o:redhat:enterprise_linux:8::fastdatapath
Create a notification for this product.
Red Hat Fast Datapath for RHEL 9     cpe:/o:redhat:enterprise_linux:9::fastdatapath
Create a notification for this product.
Red Hat Red Hat OpenShift Container Platform 4     cpe:/a:redhat:openshift:4
Create a notification for this product.
Date Public
2024-12-17 00:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-12-18T09:03:01.520Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2024/12/17/3"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-11614",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-12-18T14:47:13.057559Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-12-18T14:48:14.956Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.dpdk.org/dpdk-stable/",
          "defaultStatus": "unaffected",
          "packageName": "dpdk",
          "versions": [
            {
              "lessThan": "21.11-4",
              "status": "affected",
              "version": "21.05",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "openvswitch3.1",
          "product": "Fast Datapath for Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.0-159.el8fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "openvswitch3.1",
          "product": "Fast Datapath for Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.1.0-149.el9fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "openvswitch3.3",
          "product": "Fast Datapath for Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.3.0-92.el9fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "affected",
          "packageName": "openvswitch3.4",
          "product": "Fast Datapath for Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:3.4.0-48.el9fdp",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.11-2.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.11-3.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.11-3.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.11-3.el8_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.11-4.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:23.11-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:21.11-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:22.11-4.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "dpdk",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "2:23.11-2.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "dpdk",
          "product": "Fast Datapath for RHEL 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch",
          "product": "Fast Datapath for RHEL 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.10",
          "product": "Fast Datapath for RHEL 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.11",
          "product": "Fast Datapath for RHEL 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.12",
          "product": "Fast Datapath for RHEL 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.11",
          "product": "Fast Datapath for RHEL 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.12",
          "product": "Fast Datapath for RHEL 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.13",
          "product": "Fast Datapath for RHEL 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.15",
          "product": "Fast Datapath for RHEL 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.16",
          "product": "Fast Datapath for RHEL 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.17",
          "product": "Fast Datapath for RHEL 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.17",
          "product": "Fast Datapath for RHEL 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch3.0",
          "product": "Fast Datapath for RHEL 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch3.2",
          "product": "Fast Datapath for RHEL 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch2.17",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch3.0",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch3.1",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "unaffected",
          "packageName": "openvswitch3.3",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-12-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "An out-of-bounds read vulnerability was found in DPDK\u0027s Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor\u0027s vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.0"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T00:59:36.216Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:0208",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0208"
        },
        {
          "name": "RHSA-2025:0209",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0209"
        },
        {
          "name": "RHSA-2025:0210",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0210"
        },
        {
          "name": "RHSA-2025:0211",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0211"
        },
        {
          "name": "RHSA-2025:0220",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0220"
        },
        {
          "name": "RHSA-2025:0221",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0221"
        },
        {
          "name": "RHSA-2025:0222",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:0222"
        },
        {
          "name": "RHSA-2025:3963",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3963"
        },
        {
          "name": "RHSA-2025:3964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3964"
        },
        {
          "name": "RHSA-2025:3965",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3965"
        },
        {
          "name": "RHSA-2025:3970",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3970"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-11614"
        },
        {
          "name": "RHBZ#2327955",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2327955"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-11-22T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-12-17T00:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library",
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-11614",
    "datePublished": "2024-12-18T08:30:49.729Z",
    "dateReserved": "2024-11-22T04:21:45.124Z",
    "dateUpdated": "2025-11-20T00:59:36.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Mitigation ID: MIT-5

Phase: Implementation

Strategy: Input Validation

Description:

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.
  • To reduce the likelihood of introducing an out-of-bounds read, ensure that you validate and ensure correct calculations for any length argument, buffer size calculation, or offset. Be especially careful of relying on a sentinel (i.e. special character such as NUL) in untrusted inputs.
Mitigation

Phase: Architecture and Design

Strategy: Language Selection

Description:

  • Use a language that provides appropriate memory abstractions.
CAPEC-540: Overread Buffers

An adversary attacks a target by providing input that causes an application to read beyond the boundary of a defined buffer. This typically occurs when a value influencing where to start or stop reading is set to reflect positions outside of the valid memory location of the buffer. This type of attack may result in exposure of sensitive information, a system crash, or arbitrary code execution.

Back to CWE stats page