CVE-2024-1488

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2024-1488
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.

8.0 /10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References
Link Resource
https://access.redhat.com/errata/RHSA-2024:1750 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1751 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1780 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1801 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1802 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1804 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2587 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2696 Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0837
https://access.redhat.com/security/cve/CVE-2024-1488 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2264183 Issue Tracking Patch
https://access.redhat.com/errata/RHSA-2024:1750 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1751 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1780 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1801 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1802 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1804 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2587 Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2696 Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-1488 Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2264183 Issue Tracking Patch
Configurations

Configuration 1 (hide)

cpe:2.3:a:fedoraproject:unbound:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
History

30 Jan 2025, 22:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2025:0837 -

24 Jan 2025, 06:15

Type Values Removed Values Added
CWE CWE-15

23 Jan 2025, 17:41

Type Values Removed Values Added
CPE cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:fedoraproject:unbound:*:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder:9.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:8.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.2_s390x:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:9.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:*:*:*:*:*:*:*
References () https://access.redhat.com/errata/RHSA-2024:1750 - () https://access.redhat.com/errata/RHSA-2024:1750 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1751 - () https://access.redhat.com/errata/RHSA-2024:1751 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1780 - () https://access.redhat.com/errata/RHSA-2024:1780 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1801 - () https://access.redhat.com/errata/RHSA-2024:1801 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1802 - () https://access.redhat.com/errata/RHSA-2024:1802 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:1804 - () https://access.redhat.com/errata/RHSA-2024:1804 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2587 - () https://access.redhat.com/errata/RHSA-2024:2587 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2024:2696 - () https://access.redhat.com/errata/RHSA-2024:2696 - Third Party Advisory
References () https://access.redhat.com/security/cve/CVE-2024-1488 - () https://access.redhat.com/security/cve/CVE-2024-1488 - Third Party Advisory
References () https://bugzilla.redhat.com/show_bug.cgi?id=2264183 - () https://bugzilla.redhat.com/show_bug.cgi?id=2264183 - Issue Tracking, Patch
CWE CWE-276
First Time Redhat codeready Linux Builder Eus
Redhat enterprise Linux
Redhat enterprise Linux Server Aus
Redhat codeready Linux Builder Eus For Power Little Endian
Redhat enterprise Linux For Arm 64 Eus
Redhat enterprise Linux For Arm 64
Redhat enterprise Linux Server Tus
Fedoraproject unbound
Redhat codeready Linux Builder For Ibm Z Systems Eus
Redhat codeready Linux Builder For Arm64
Redhat codeready Linux Builder For Ibm Z Systems
Redhat codeready Linux Builder
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux Eus
Redhat enterprise Linux For Power Little Endian
Redhat
Fedoraproject
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat codeready Linux Builder For Arm64 Eus

21 Nov 2024, 08:50

Type Values Removed Values Added
References () https://access.redhat.com/errata/RHSA-2024:1750 - () https://access.redhat.com/errata/RHSA-2024:1750 -
References () https://access.redhat.com/errata/RHSA-2024:1751 - () https://access.redhat.com/errata/RHSA-2024:1751 -
References () https://access.redhat.com/errata/RHSA-2024:1780 - () https://access.redhat.com/errata/RHSA-2024:1780 -
References () https://access.redhat.com/errata/RHSA-2024:1801 - () https://access.redhat.com/errata/RHSA-2024:1801 -
References () https://access.redhat.com/errata/RHSA-2024:1802 - () https://access.redhat.com/errata/RHSA-2024:1802 -
References () https://access.redhat.com/errata/RHSA-2024:1804 - () https://access.redhat.com/errata/RHSA-2024:1804 -
References () https://access.redhat.com/errata/RHSA-2024:2587 - () https://access.redhat.com/errata/RHSA-2024:2587 -
References () https://access.redhat.com/errata/RHSA-2024:2696 - () https://access.redhat.com/errata/RHSA-2024:2696 -
References () https://access.redhat.com/security/cve/CVE-2024-1488 - () https://access.redhat.com/security/cve/CVE-2024-1488 -
References () https://bugzilla.redhat.com/show_bug.cgi?id=2264183 - () https://bugzilla.redhat.com/show_bug.cgi?id=2264183 -

08 May 2024, 08:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2696 -

30 Apr 2024, 20:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:2587 -

15 Apr 2024, 04:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1802 -
  • () https://access.redhat.com/errata/RHSA-2024:1804 -
  • () https://access.redhat.com/errata/RHSA-2024:1801 -

11 Apr 2024, 12:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1751 -
  • () https://access.redhat.com/errata/RHSA-2024:1780 -

10 Apr 2024, 12:15

Type Values Removed Values Added
References
  • () https://access.redhat.com/errata/RHSA-2024:1750 -

15 Feb 2024, 05:15

Type Values Removed Values Added
New CVE
Information

Published : 2024-02-15 05:15

Updated : 2025-01-30 22:15

NVD link : CVE-2024-1488

Mitre link : CVE-2024-1488

CVE.ORG link : CVE-2024-1488

JSON object : View

Products Affected

fedoraproject

  • unbound

redhat

  • enterprise_linux_for_power_little_endian_eus
  • enterprise_linux_server_tus
  • enterprise_linux
  • codeready_linux_builder_for_arm64_eus
  • codeready_linux_builder_eus
  • enterprise_linux_for_ibm_z_systems_eus
  • enterprise_linux_server_aus
  • codeready_linux_builder_for_ibm_z_systems_eus
  • codeready_linux_builder_eus_for_power_little_endian
  • codeready_linux_builder_for_arm64
  • enterprise_linux_eus
  • codeready_linux_builder
  • enterprise_linux_for_ibm_z_systems
  • enterprise_linux_for_power_little_endian
  • enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
  • enterprise_linux_for_arm_64
  • codeready_linux_builder_for_ibm_z_systems
  • enterprise_linux_for_arm_64_eus
CWE
CWE-276

Incorrect Default Permissions