Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-43168
Awaiting Analysis
More InfoOfficial Page
Source-sep@nlnetlabs.nl
View Known Exploited Vulnerability (KEV) details
Published At-12 Aug, 2024 | 13:38
Updated At-03 Nov, 2025 | 22:18

DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.14.8MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 4.8
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-122Secondarysep@nlnetlabs.nl
CWE ID: CWE-122
Type: Secondary
Source: sep@nlnetlabs.nl
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://access.redhat.com/security/cve/CVE-2024-43168sep@nlnetlabs.nl
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2303462sep@nlnetlabs.nl
N/A
https://github.com/NLnetLabs/unbound/issues/1039sep@nlnetlabs.nl
N/A
https://github.com/NLnetLabs/unbound/pull/1040/filessep@nlnetlabs.nl
N/A
https://lists.debian.org/debian-lts-announce/2024/09/msg00046.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2024-43168
Source: sep@nlnetlabs.nl
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2303462
Source: sep@nlnetlabs.nl
Resource: N/A
Hyperlink: https://github.com/NLnetLabs/unbound/issues/1039
Source: sep@nlnetlabs.nl
Resource: N/A
Hyperlink: https://github.com/NLnetLabs/unbound/pull/1040/files
Source: sep@nlnetlabs.nl
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/09/msg00046.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Change History
0Changes found
Details not found