Vulnerabilites related to linuxfoundation - software_for_open_networking_in_the_cloud
Vulnerability from fkie_nvd
Published
2022-11-14 17:15
Modified
2024-11-21 06:38
Severity ?
8.1 (High) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.
Discovered by Eugene Lim of GovTech Singapore.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| linuxfoundation | software_for_open_networking_in_the_cloud | 202111 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:software_for_open_networking_in_the_cloud:202111:*:*:*:*:*:*:*",
"matchCriteriaId": "469B150C-C666-4EC9-8558-97CEF694D851",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.\n\nDiscovered by Eugene Lim of GovTech Singapore.\n"
},
{
"lang": "es",
"value": "Existe una vulnerabilidad en el c\u00f3digo de an\u00e1lisis de paquetes DHCPv6 que un atacante remoto podr\u00eda explorar para crear un paquete que podr\u00eda provocar un desbordamiento del b\u00fafer en una llamada a memcpy, lo que provocar\u00eda una escritura de memoria fuera de los l\u00edmites que provocar\u00eda el fallo de dhcp6relay. Dhcp6relay es un proceso cr\u00edtico y podr\u00eda provocar que la ventana acoplable de rel\u00e9 dhcp se apague. Descubierto por Eugene Lim de GovTech Singapur."
}
],
"id": "CVE-2022-0324",
"lastModified": "2024-11-21T06:38:22.893",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.2,
"source": "cve_disclosure@tech.gov.sg",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2022-11-14T17:15:09.987",
"references": [
{
"source": "cve_disclosure@tech.gov.sg",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9"
},
{
"source": "cve_disclosure@tech.gov.sg",
"tags": [
"Third Party Advisory"
],
"url": "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html"
}
],
"sourceIdentifier": "cve_disclosure@tech.gov.sg",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-120"
}
],
"source": "cve_disclosure@tech.gov.sg",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-120"
},
{
"lang": "en",
"value": "CWE-787"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-03-12 17:15
Modified
2024-12-27 18:05
Severity ?
Summary
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags | |
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:software_for_open_networking_in_the_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "81F37243-864F-4FCA-A021-851D1BEC91B9",
"versionEndExcluding": "20201231.96",
"versionStartIncluding": "202012",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:software_for_open_networking_in_the_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B76F26C4-EF5E-4800-8856-C8F284671172",
"versionEndExcluding": "20191130.89",
"versionStartIncluding": "201911",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:software_for_open_networking_in_the_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8DEDC1D5-2ACC-4E6F-8E8F-22D21A2FDCFE",
"versionEndExcluding": "20181130.106",
"versionStartIncluding": "201811",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:linuxfoundation:software_for_open_networking_in_the_cloud:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E1C9D8A2-CABC-4634-92C4-95C9B2A4142A",
"versionEndExcluding": "20220531.26",
"versionStartIncluding": "202205",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de elevaci\u00f3n de privilegios del software para redes abiertas en la nube (SONiC)"
}
],
"id": "CVE-2024-21418",
"lastModified": "2024-12-27T18:05:13.933",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Primary"
}
]
},
"published": "2024-03-12T17:15:50.453",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Third Party Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2024-21418
Vulnerability from cvelistv5
Published
2024-03-12 16:57
Modified
2024-12-31 20:19
Severity ?
EPSS score ?
Summary
Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability
References
| ▼ | URL | Tags |
|---|---|---|
| https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418 | vendor-advisory |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Microsoft | Software for Open Networking in the Cloud (SONiC) |
Version: 1.0.0 < 20220531.26 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:20:40.884Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21418",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T18:56:04.735394Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-12T17:37:02.272Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"Unknown"
],
"product": "Software for Open Networking in the Cloud (SONiC)",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "20220531.26",
"status": "affected",
"version": "1.0.0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:azure_software_for_open_networking_in_the_cloud:*:*:*:*:*:-:*:*",
"versionEndExcluding": "20220531.26",
"versionStartIncluding": "1.0.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-03-12T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T20:19:27.957Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21418"
}
],
"title": "Software for Open Networking in the Cloud (SONiC) Elevation of Privilege Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-21418",
"datePublished": "2024-03-12T16:57:43.140Z",
"dateReserved": "2023-12-08T22:45:21.301Z",
"dateUpdated": "2024-12-31T20:19:27.957Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-0324
Vulnerability from cvelistv5
Published
2022-11-14 16:08
Modified
2024-08-02 23:25
Severity ?
EPSS score ?
Summary
There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.
Discovered by Eugene Lim of GovTech Singapore.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Linux Foundation | Software for Open Networking in the Cloud (SONiC) |
Version: 202111 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:25:39.548Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9"
},
{
"tags": [
"x_transferred"
],
"url": "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Software for Open Networking in the Cloud (SONiC)",
"repo": "https://github.com/sonic-net/sonic-buildimage",
"vendor": "Linux Foundation",
"versions": [
{
"status": "affected",
"version": "202111"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.\u003cbr\u003e\u003cbr\u003eDiscovered by Eugene Lim of GovTech Singapore.\u003cbr\u003e"
}
],
"value": "There is a vulnerability in DHCPv6 packet parsing code that could be explored by remote attacker to craft a packet that could cause buffer overflow in a memcpy call, leading to out-of-bounds memory write that would cause dhcp6relay to crash. Dhcp6relay is a critical process and could cause dhcp relay docker to shutdown.\n\nDiscovered by Eugene Lim of GovTech Singapore.\n"
}
],
"impacts": [
{
"capecId": "CAPEC-100",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-100 Overflow Buffers"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-120",
"description": "CWE-120 Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-11-14T16:12:37.331Z",
"orgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
"shortName": "GovTech CSG"
},
"references": [
{
"url": "https://github.com/sonic-net/sonic-buildimage/security/advisories/GHSA-m4qf-8rrq-mph9"
},
{
"url": "https://govtech-csg.github.io/security-advisories/2022/11/14/CVE-2022-0324.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Buffer Overflow in Dhcp6relay in Software for Open Networking in the Cloud (SONiC)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "1a37b84a-8e51-4525-b3d6-87e2fae01dbd",
"assignerShortName": "GovTech CSG",
"cveId": "CVE-2022-0324",
"datePublished": "2022-11-14T16:08:34.224Z",
"dateReserved": "2022-01-21T01:21:20.305Z",
"dateUpdated": "2024-08-02T23:25:39.548Z",
"requesterUserId": "26d1c047-c31c-4646-bd07-241f86433aca",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}