Vulnerability-Lookup

WID-SEC-W-2024-3409

Vulnerability from csaf_certbund - Published: 2024-11-11 23:00 - Updated: 2025-11-04 23:00

Summary

Red Hat Enterprise Linux: Mehrere Schwachstellen

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

Red Hat Enterprise Linux (RHEL) ist eine populäre Linux-Distribution.

Angriff

Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und Daten zu manipulieren.

Betroffene Betriebssysteme

- UNIX

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "mittel"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Red Hat Enterprise Linux (RHEL) ist eine popul\u00e4re Linux-Distribution.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen in Red Hat Enterprise Linux ausnutzen, um einen Denial-of-Service-Zustand zu erzeugen, vertrauliche Informationen preiszugeben und Daten zu manipulieren.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- UNIX",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-3409 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3409.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-3409 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3409"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-11-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:9281"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-11-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:9317"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-11-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:9325"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-11-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:9424"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory vom 2024-11-11",
        "url": "https://access.redhat.com/errata/RHSA-2024:9404"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2024-9281 vom 2024-11-19",
        "url": "https://linux.oracle.com/errata/ELSA-2024-9281.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10135 vom 2024-11-21",
        "url": "https://access.redhat.com/errata/RHSA-2024:10135"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2024:10990 vom 2025-01-15",
        "url": "https://access.redhat.com/errata/RHSA-2024:10990"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3530 vom 2025-04-02",
        "url": "https://access.redhat.com/errata/RHSA-2025:3530"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2025:3534 vom 2025-04-02",
        "url": "https://access.redhat.com/errata/RHSA-2025:3534"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02447-1 vom 2025-07-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BBICIXZ7THEGXAYHC2PBY5N3EQIOTMZS/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20490-1 vom 2025-07-25",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021970.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02464-2 vom 2025-08-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022001.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:20538-1 vom 2025-08-05",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022106.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2025:02719-1 vom 2025-08-07",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2025-August/022113.html"
      },
      {
        "category": "external",
        "summary": "Dell Security Advisory DSA-2025-390 vom 2025-11-05",
        "url": "https://www.dell.com/support/kbdoc/000385230"
      }
    ],
    "source_lang": "en-US",
    "title": "Red Hat Enterprise Linux: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2025-11-04T23:00:00.000+00:00",
      "generator": {
        "date": "2025-11-05T09:14:28.647+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.4.0"
        }
      },
      "id": "WID-SEC-W-2024-3409",
      "initial_release_date": "2024-11-11T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-11-11T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-11-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2024-11-20T23:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-01-14T23:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-04-02T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2025-07-21T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-07-27T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-03T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-05T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-08-06T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2025-11-04T23:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von Dell aufgenommen"
        }
      ],
      "status": "final",
      "version": "11"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Appliance \u003c5.32.00.18",
                "product": {
                  "name": "Dell Secure Connect Gateway Appliance \u003c5.32.00.18",
                  "product_id": "T048301"
                }
              },
              {
                "category": "product_version",
                "name": "Appliance 5.32.00.18",
                "product": {
                  "name": "Dell Secure Connect Gateway Appliance 5.32.00.18",
                  "product_id": "T048301-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:dell:secure_connect_gateway:appliance__5.32.00.18"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Secure Connect Gateway"
          }
        ],
        "category": "vendor",
        "name": "Dell"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9",
                "product": {
                  "name": "Red Hat Enterprise Linux 9",
                  "product_id": "T030908",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "Logging \u003c5.9.10",
                "product": {
                  "name": "Red Hat OpenShift Logging \u003c5.9.10",
                  "product_id": "T040352"
                }
              },
              {
                "category": "product_version",
                "name": "Logging 5.9.10",
                "product": {
                  "name": "Red Hat OpenShift Logging 5.9.10",
                  "product_id": "T040352-fixed",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:openshift:logging__5.9.10"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "OpenShift"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-6681",
      "product_status": {
        "known_affected": [
          "T030908",
          "T002207",
          "67646",
          "T004914",
          "T040352",
          "T048301"
        ]
      },
      "release_date": "2024-11-11T23:00:00.000+00:00",
      "title": "CVE-2023-6681"
    },
    {
      "cve": "CVE-2024-6501",
      "product_status": {
        "known_affected": [
          "T030908",
          "T002207",
          "67646",
          "T004914",
          "T040352",
          "T048301"
        ]
      },
      "release_date": "2024-11-11T23:00:00.000+00:00",
      "title": "CVE-2024-6501"
    },
    {
      "cve": "CVE-2024-6126",
      "product_status": {
        "known_affected": [
          "T030908",
          "T002207",
          "67646",
          "T004914",
          "T040352",
          "T048301"
        ]
      },
      "release_date": "2024-11-11T23:00:00.000+00:00",
      "title": "CVE-2024-6126"
    },
    {
      "cve": "CVE-2024-29038",
      "product_status": {
        "known_affected": [
          "T030908",
          "T002207",
          "67646",
          "T004914",
          "T040352",
          "T048301"
        ]
      },
      "release_date": "2024-11-11T23:00:00.000+00:00",
      "title": "CVE-2024-29038"
    },
    {
      "cve": "CVE-2024-29039",
      "product_status": {
        "known_affected": [
          "T030908",
          "T002207",
          "67646",
          "T004914",
          "T040352",
          "T048301"
        ]
      },
      "release_date": "2024-11-11T23:00:00.000+00:00",
      "title": "CVE-2024-29039"
    },
    {
      "cve": "CVE-2024-2236",
      "product_status": {
        "known_affected": [
          "T030908",
          "T002207",
          "67646",
          "T004914",
          "T040352",
          "T048301"
        ]
      },
      "release_date": "2024-11-11T23:00:00.000+00:00",
      "title": "CVE-2024-2236"
    }
  ]
}

CVE-2024-2236 (GCVE-0-2024-2236)

Vulnerability from cvelistv5 – Published: 2024-03-06 22:07 – Updated: 2025-11-20 18:18

Title

Libgcrypt: vulnerable to marvin attack

Summary

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.

Severity ?

5.9 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

CWE-208 - Observable Timing Discrepancy

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:9404	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:3530	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:3534	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-2236	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2245218	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 0 , < 9.4.0 (semver)

Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.10.0-11.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.10.0-11.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9.2 Extended Update Support	Unaffected: 0:1.10.0-10.el9_2.1 , < * (rpm) cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/o:redhat:rhel_eus:9.2::baseos
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.10.0-10.el9_4.1 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T19:03:39.105Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-2236"
          },
          {
            "name": "RHBZ#2245218",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
          },
          {
            "name": "RHBZ#2268268",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2268268"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-2236",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-07T20:07:33.124826Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-12T20:41:08.088Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://git.gnupg.org/libgcrypt.git",
          "defaultStatus": "unaffected",
          "packageName": "libgcrypt",
          "versions": [
            {
              "lessThan": "9.4.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-11.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-11.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.2::appstream",
            "cpe:/o:redhat:rhel_eus:9.2::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-10.el9_2.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/o:redhat:rhel_eus:9.4::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.10.0-10.el9_4.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "libgcrypt",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-03-06T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A timing-based side-channel flaw was found in libgcrypt\u0027s RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-208",
              "description": "Observable Timing Discrepancy",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T18:18:15.192Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9404",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9404"
        },
        {
          "name": "RHSA-2025:3530",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3530"
        },
        {
          "name": "RHSA-2025:3534",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:3534"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-2236"
        },
        {
          "name": "RHBZ#2245218",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2245218"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2023-10-20T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-03-06T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Libgcrypt: vulnerable to marvin attack",
      "x_redhatCweChain": "CWE-385-\u003eCWE-208: Covert Timing Channel leads to Observable Timing Discrepancy"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-2236",
    "datePublished": "2024-03-06T22:07:16.617Z",
    "dateReserved": "2024-03-06T20:10:15.745Z",
    "dateUpdated": "2025-11-20T18:18:15.192Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-29039 (GCVE-0-2024-29039)

Vulnerability from cvelistv5 – Published: 2024-06-28 15:48 – Updated: 2025-11-04 17:19

Title

Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state

Summary

tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file. As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7.

Severity ?

9.1 (Critical)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-807 - Reliance on Untrusted Inputs in a Security Decision

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tpm2-software/tpm2-tools/secur…	x_refsource_CONFIRM
	https://github.com/tpm2-software/tpm2-tools/relea…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tpm2-software	tpm2-tools	Affected: < 5.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:tpm2_software:tpm2_tools:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "tpm2_tools",
            "vendor": "tpm2_software",
            "versions": [
              {
                "status": "affected",
                "version": "5.7"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-29039",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T19:46:09.080274Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-28T19:50:27.367Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:19:47.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6"
          },
          {
            "name": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GI4JFEZBKQQUPJ4RWK6IHEWXAFCEJDPI/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFR7SVEWCOXORHPCLLGXEMHFMIGG2MFE/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tpm2-tools",
          "vendor": "tpm2-software",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "tpm2 is the source repository for the Trusted Platform Module (TPM2.0) tools. This vulnerability allows attackers to manipulate tpm2_checkquote outputs by altering the TPML_PCR_SELECTION in the PCR input file.  As a result, digest values are incorrectly mapped to PCR slots and banks, providing a misleading picture of the TPM state. This issue has been patched in version 5.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 9.1,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-807",
              "description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-28T15:48:25.623Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-8rjm-5f5f-h4q6"
        },
        {
          "name": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7"
        }
      ],
      "source": {
        "advisory": "GHSA-8rjm-5f5f-h4q6",
        "discovery": "UNKNOWN"
      },
      "title": "Missing check in tpm2_checkquote allows attackers to misrepresent the TPM state"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-29039",
    "datePublished": "2024-06-28T15:48:25.623Z",
    "dateReserved": "2024-03-14T16:59:47.613Z",
    "dateUpdated": "2025-11-04T17:19:47.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-6501 (GCVE-0-2024-6501)

Vulnerability from cvelistv5 – Published: 2024-07-09 19:27 – Updated: 2025-11-21 07:06

Title

Networkmanager: denial of service

Summary

A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service.

Severity ?

3.1 (Low)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:9317	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-6501	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2295734	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Affected: 1.40 , < 1.48.10-2 (semver)

Red Hat	Red Hat Enterprise Linux 9	Unaffected: 1:1.48.10-2.el9_5 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 1:1.48.10-2.el9_5 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8
Red Hat	Red Hat OpenShift Container Platform 4	cpe:/a:redhat:openshift:4

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6501",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-10T20:36:57.290190Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-10T20:37:06.892Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:41:03.482Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6501"
          },
          {
            "name": "RHBZ#2295734",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295734"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/NetworkManager/NetworkManager",
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "versions": [
            {
              "lessThan": "1.48.10-2",
              "status": "affected",
              "version": "1.40",
              "versionType": "semver"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.48.10-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "1:1.48.10-2.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unaffected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "NetworkManager",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2024-07-04T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in NetworkManager. When a system running NetworkManager with DEBUG logs enabled and an interface eth1 configured with LLDP enabled, a malicious user could inject a malformed LLDP packet. NetworkManager would crash, leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-21T07:06:19.932Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9317",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9317"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6501"
        },
        {
          "name": "RHBZ#2295734",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2295734"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-07-04T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-04T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Networkmanager: denial of service",
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6501",
    "datePublished": "2024-07-09T19:27:11.133Z",
    "dateReserved": "2024-07-04T05:13:32.680Z",
    "dateUpdated": "2025-11-21T07:06:19.932Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-29038 (GCVE-0-2024-29038)

Vulnerability from cvelistv5 – Published: 2024-06-28 13:44 – Updated: 2025-11-04 17:19

Title

tpm2 does not detect if quote was not generated by TPM

Summary

tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7.

Severity ?

4.3 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N

CWE

CWE-1283 - Mutable Attestation or Measurement Reporting Data
CWE-1390 - Weak Authentication

Assigner

GitHub_M

References

URL

Tags

	https://github.com/tpm2-software/tpm2-tools/secur…	x_refsource_CONFIRM
	https://github.com/tpm2-software/tpm2-tools/relea…	x_refsource_MISC

Impacted products

	Vendor	Product	Version
	tpm2-software	tpm2-tools	Affected: >= 4.1-rc0, < 5.7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-29038",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-06-28T14:26:41.987195Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-06-28T14:26:47.695Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-04T17:19:44.720Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f"
          },
          {
            "name": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GI4JFEZBKQQUPJ4RWK6IHEWXAFCEJDPI/"
          },
          {
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EFR7SVEWCOXORHPCLLGXEMHFMIGG2MFE/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "tpm2-tools",
          "vendor": "tpm2-software",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 4.1-rc0, \u003c 5.7"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "tpm2-tools is the source repository for the Trusted Platform Module (TPM2.0) tools. A malicious attacker can generate arbitrary quote data which is not detected by `tpm2 checkquote`. This issue was patched in version 5.7."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1283",
              "description": "CWE-1283: Mutable Attestation or Measurement Reporting Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1390",
              "description": "CWE-1390: Weak Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-28T13:44:07.035Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tools/security/advisories/GHSA-5495-c38w-gr6f"
        },
        {
          "name": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/tpm2-software/tpm2-tools/releases/tag/5.7"
        }
      ],
      "source": {
        "advisory": "GHSA-5495-c38w-gr6f",
        "discovery": "UNKNOWN"
      },
      "title": "tpm2 does not detect if quote was not generated by TPM"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-29038",
    "datePublished": "2024-06-28T13:44:07.035Z",
    "dateReserved": "2024-03-14T16:59:47.613Z",
    "dateUpdated": "2025-11-04T17:19:44.720Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2024-6126 (GCVE-0-2024-6126)

Vulnerability from cvelistv5 – Published: 2024-07-03 14:51 – Updated: 2025-11-21 07:06

Title

Cockpit: authenticated user can kill any process when enabling pam_env's user_readenv option

Summary

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env's user_readenv option, which leads to a denial of service (DoS) attack.

Severity ?

3.2 (Low)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:9325	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2024-6126	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2292897	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:323.1-1.el9_5 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:323.1-1.el9_5 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
Red Hat	Red Hat Enterprise Linux 10	cpe:/o:redhat:enterprise_linux:10
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7
Red Hat	Red Hat Enterprise Linux 8	cpe:/o:redhat:enterprise_linux:8

Credits

Red Hat would like to thank Paolo Perego (OpenSUSE) for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-6126",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-07-08T14:14:09.489434Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-08T19:59:25.792Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-01T21:33:04.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2024-6126"
          },
          {
            "name": "RHBZ#2292897",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292897"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://github.com/cockpit-project/cockpit",
          "defaultStatus": "affected",
          "packageName": "cockpit"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:323.1-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/o:redhat:enterprise_linux:9::baseos"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:323.1-1.el9_5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "unaffected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "cockpit",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Paolo Perego (OpenSUSE) for reporting this issue."
        }
      ],
      "datePublic": "2024-07-03T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pam_env\u0027s user_readenv option, which leads to a denial of service (DoS) attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Low"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "LOW",
            "baseScore": 3.2,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-21T07:06:17.076Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:9325",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9325"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2024-6126"
        },
        {
          "name": "RHBZ#2292897",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2292897"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-06-18T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2024-07-03T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Cockpit: authenticated user can kill any process when enabling pam_env\u0027s user_readenv option",
      "workarounds": [
        {
          "lang": "en",
          "value": "Disable pam_env\u0027s `user_readenv` option in PAM config."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2024-6126",
    "datePublished": "2024-07-03T14:51:17.880Z",
    "dateReserved": "2024-06-18T14:25:04.791Z",
    "dateUpdated": "2025-11-21T07:06:17.076Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2023-6681 (GCVE-0-2023-6681)

Vulnerability from cvelistv5 – Published: 2024-02-12 14:04 – Updated: 2025-11-20 18:06

Title

Jwcrypto: denail of service via specifically crafted jwe

Summary

A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack.

Severity ?

5.3 (Medium)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

CWE-400 - Uncontrolled Resource Consumption

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2024:3267	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2024:9281	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2023-6681	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2260843	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 8

Unaffected: 8100020240417004735.143e9e98 , < * (rpm)
cpe:/a:redhat:enterprise_linux:8::appstream

Red Hat	Red Hat Enterprise Linux 8	Unaffected: 8100020240416171943.823393f5 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.5.6-2.el9 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Ansible Automation Platform 2	cpe:/a:redhat:ansible_automation_platform:2
Red Hat	Red Hat Enterprise Linux 7	cpe:/o:redhat:enterprise_linux:7

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6681",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-12T21:27:57.752185Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-07-05T17:21:42.932Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:35:14.893Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2024:3267",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2024:3267"
          },
          {
            "tags": [
              "vdb-entry",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/security/cve/CVE-2023-6681"
          },
          {
            "name": "RHBZ#2260843",
            "tags": [
              "issue-tracking",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260843"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:client",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240417004735.143e9e98",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "idm:DL1",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "8100020240416171943.823393f5",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "python-jwcrypto",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.5.6-2.el9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:ansible_automation_platform:2"
          ],
          "defaultStatus": "unaffected",
          "packageName": "automation-controller",
          "product": "Red Hat Ansible Automation Platform 2",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "unknown",
          "packageName": "python-jwcrypto",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2023-12-28T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability was found in JWCrypto. This flaw allows an attacker to cause a denial of service (DoS) attack and possible password brute-force and dictionary attacks to be more resource-intensive. This issue can result in a large amount of computational consumption, causing a denial of service attack."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T18:06:07.044Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2024:3267",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:3267"
        },
        {
          "name": "RHSA-2024:9281",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2024:9281"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2023-6681"
        },
        {
          "name": "RHBZ#2260843",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2260843"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2024-01-29T00:00:00+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2023-12-28T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Jwcrypto: denail of service  via specifically crafted jwe",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
        }
      ],
      "x_redhatCweChain": "CWE-400: Uncontrolled Resource Consumption"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2023-6681",
    "datePublished": "2024-02-12T14:04:45.113Z",
    "dateReserved": "2023-12-11T12:45:07.051Z",
    "dateUpdated": "2025-11-20T18:06:07.044Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

WID-SEC-W-2024-3409

CVE-2024-2236 (GCVE-0-2024-2236)

CVE-2024-29039 (GCVE-0-2024-29039)

CVE-2024-6501 (GCVE-0-2024-6501)

CVE-2024-29038 (GCVE-0-2024-29038)

CVE-2024-6126 (GCVE-0-2024-6126)

CVE-2023-6681 (GCVE-0-2023-6681)

Tags

Sightings

Nomenclature