Lucene search

Ubuntu.comUB:CVE-2023-32726

HistoryDec 18, 2023 - 12:00 a.m.

CVE-2023-32726

2023-12-1800:00:00

ubuntu.com

cve-2023-32726

improper check

rdlength overflow

unix

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

JSON

The vulnerability is caused by improper check for check if RDLENGTH does
not overflow the buffer in response from DNS server.

OSVersionArchitecturePackageVersionFilename
ubuntu22.04noarchzabbix< anyUNKNOWN
ubuntu23.10noarchzabbix< anyUNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	22.04	noarch	zabbix	< any	UNKNOWN
ubuntu	23.10	noarch	zabbix	< any	UNKNOWN

References

launchpad.net/bugs/cve/CVE-2023-32726

nvd.nist.gov/vuln/detail/CVE-2023-32726

security-tracker.debian.org/tracker/CVE-2023-32726

support.zabbix.com/browse/ZBX-23855

www.cve.org/CVERecord?id=CVE-2023-32726

8.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

JSON

Related for UB:CVE-2023-32726