CVE-2024-1488

2024-02-1505:15:10

Debian Security Bug Tracker

security-tracker.debian.org

cve-2024-1488

unbound

vulnerability

configuration modification

unauthorized access

local resolver

disrupting resolving

8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H

7.5 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

13.2%

JSON

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.

OSVersionArchitecturePackageVersionFilename
Debian12allunbound< 1.17.1-2+deb12u2unbound_1.17.1-2+deb12u2_all.deb
Debian11allunbound< 1.13.1-1+deb11u2unbound_1.13.1-1+deb11u2_all.deb
Debian999allunbound< 1.20.0-1unbound_1.20.0-1_all.deb
Debian13allunbound< 1.20.0-1unbound_1.20.0-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	unbound	< 1.17.1-2+deb12u2	unbound_1.17.1-2+deb12u2_all.deb
Debian	11	all	unbound	< 1.13.1-1+deb11u2	unbound_1.13.1-1+deb11u2_all.deb
Debian	999	all	unbound	< 1.20.0-1	unbound_1.20.0-1_all.deb
Debian	13	all	unbound	< 1.20.0-1	unbound_1.20.0-1_all.deb