Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2024-31178
PUBLISHED
More InfoOfficial Page
Assigner-Nozomi
Assigner Org ID-bec8025f-a851-46e5-b3a3-058e6b0aa23c
View Known Exploited Vulnerability (KEV) details
Published At-18 Sep, 2024 | 13:56
Updated At-18 Sep, 2024 | 17:18
Rejected At-
▼CVE Numbering Authority (CNA)
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack. This issue affects libfluid: 0.1.0.

Affected Products
Vendor
Open Networking Foundation (ONF)
Product
libfluid
Collection URL
https://opennetworkingfoundation.github.io/libfluid/
Modules
  • libfluid_msg
Program Routines
  • fluid_msg::of13::TableFeaturePropNextTables::unpack
Default Status
unaffected
Versions
Affected
  • 0.1.0
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

Until a software patch which fixes this issue is not released, it is highly recommended to not exposed the vulnerable component inside an untrusted network.

Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31178
N/A
Hyperlink: https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-31178
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
open_networking_foundation
Product
libfluid
CPEs
  • cpe:2.3:a:open_networking_foundation:libfluid:0.1.0:*:*:*:*:*:*:*
Default Status
unaffected
Versions
Affected
  • 0.1.0
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found