Description
CVE-2024-6119 found in deb/debian/[email protected]~deb12u2
Important
Risk: 4.25 (Medium)
CVSS: 7.5
Description
Issue summary: Applications performing certificate name checks (e.g., TLS
clients checking server certificates) may attempt to read an invalid memory
address resulting in abnormal termination of the application process.
Impact summary: Abnormal termination of an application can a cause a denial of
service.
Applications performing certificate name checks (e.g., TLS clients checking
server certificates) may attempt to read an invalid memory address when
comparing the expected name with an otherName subject alternative name of an
X.509 certificate. This may result in an exception that terminates the
application program.
Note that basic certificate chain validation (signatures, dates, ...) is not
affected, the denial of service can occur only when the application also
specifies an expected DNS name, Email address or IP address.
TLS servers rarely solicit client certificates, and even when they do, they
generally don't perform a name check against a reference identifier (expected
identity), but rather extract the presented identity after checking the
certificate chain. So TLS servers are generally not affected and the severity
of the issue is Moderate.
The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
Affected component
The vulnerability is in pkg:deb/debian/[email protected]~deb12u2, detected by github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning, github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning:test.
Recommended fix
No fix is available.
Additional guidance for mitigating vulnerabilities
Visit our guides on devguard.org
See more details...
Path to component
%%{init: { 'theme':'base', 'themeVariables': {
'primaryColor': '#F3F3F3',
'primaryTextColor': '#0D1117',
'primaryBorderColor': '#999999',
'lineColor': '#999999',
'secondaryColor': '#ffffff',
'tertiaryColor': '#ffffff'
} }}%%
flowchart TD
root(["root"]) --- github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning"])
github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning"]) --- debian_12_7(["debian\@12.7"])
debian_12_7(["debian\@12.7"]) --- debian_ca_certificates(["debian/ca-certificates"])
debian_ca_certificates(["debian/ca-certificates"]) --- debian_openssl(["debian/openssl"])
root(["root"]) --- github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning_test(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning:test"])
github_com_l3montree_dev_devguard_cmd_devguard_scanner_container_scanning_test(["github.com/l3montree-dev/devguard/cmd/devguard-scanner/container-scanning:test"]) --- debian_12_7(["debian\@12.7"])
classDef default stroke-width:2px
| Risk Factor | Value | Description |
|---|---|---|
| Vulnerability Depth | 1 |
The vulnerability is in a direct dependency of your project. |
| EPSS | 0.04 % |
The exploit probability is very low. The vulnerability is unlikely to be exploited in the next 30 days. |
| EXPLOIT | Not available |
We did not find any exploit available. Neither in GitHub repositories nor in the Exploit-Database. There are no script kiddies exploiting this vulnerability. |
| CVSS-BE | 9.3 |
- Exploiting this vulnerability significantly impacts confidentiality. |
| CVSS-B | 7.5 |
- The vulnerability can be exploited over the network without needing physical access. - It is easy for an attacker to exploit this vulnerability. - An attacker does not need any special privileges or access rights. - No user interaction is needed for the attacker to exploit this vulnerability. - The impact is confined to the system where the vulnerability exists. - There is a high impact on the confidentiality of the information. |
More details can be found in DevGuard
Interact with this vulnerability
You can use the following slash commands to interact with this vulnerability:
👍 Reply with this to acknowledge and accept the identified risk.
/accept I accept the risk of this vulnerability, because ...
⚠️ Mark the risk as false positive: Use one of these commands if you believe the reported vulnerability is not actually a valid issue.
/component-not-present The vulnerable component is not included in the artifact.
/vulnerable-code-not-present The component is present, but the vulnerable code is not included or compiled.
/vulnerable-code-not-in-execute-path The vulnerable code exists, but is never executed at runtime.
/vulnerable-code-cannot-be-controlled-by-adversary Built-in protections prevent exploitation of this vulnerability.
/inline-mitigations-already-exist The vulnerable code cannot be controlled or influenced by an attacker.
🔁 Reopen the risk: Use this command to reopen a previously closed or accepted vulnerability.
/reopen ...