Lucene search

K
nvd[email protected]NVD:CVE-2024-24788
HistoryMay 08, 2024 - 4:15 p.m.

CVE-2024-24788

2024-05-0816:15:08
CWE-835
web.nvd.nist.gov
11
dns
infinite loop
lookup functions
cve-2024-24788

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6

Confidence

Low

EPSS

0

Percentile

10.3%

A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

6

Confidence

Low

EPSS

0

Percentile

10.3%