SB2024121635 - Multiple vulnerabilities in Service Interconnect
Published: December 16, 2024 Updated: November 28, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 18 secuirty vulnerabilities.
1) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2024-3596)
The vulnerability allows a remote attacker to compromise the target system.
The vulnerability exists due to use of a broken or risky cryptographic algorithm in RADIUS Protocol. A remote user can perform a man-in-the-middle (MitM) attack and gain access to target system.
2) Input validation error (CVE-ID: CVE-2024-50602)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input within the XML_ResumeParser function. A remote attacker can pass specially crafted XML input to the application and perform a denial of service (DoS) attack.
3) Information Exposure Through Timing Discrepancy (CVE-ID: CVE-2024-2236)
The vulnerability allows a remote attacker to perform timing attack.
The vulnerability exists due to an error in libgcrypt's RSA implementation. A remote attacker can initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts.
4) Missing Release of Resource after Effective Lifetime (CVE-ID: CVE-2024-2398)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an error when sending HTTP/2 server push responses with an overly large number of headers. A remote attacker can send PUSH_PROMISE frames with an excessive amount of headers to the application, trigger memory leak and perform a denial of service (DoS) attack.
5) Resource exhaustion (CVE-ID: CVE-2024-2511)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to unbounded memory growth when processing TLSv1.3 sessions. A remote attacker can trigger resource exhaustion and perform a denial of service (DoS) attack.
Successful exploitation of the vulnerability requires that the non-default SSL_OP_NO_TICKET option is being used in TLSv1.3.
6) Resource management error (CVE-ID: CVE-2024-4603)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources within the application when checking DSA keys and parameters. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.
7) Use-after-free (CVE-ID: CVE-2024-4741)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error within the SSL_free_buffers() function. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.
Note, the vulnerability affects only applications that call the vulnerable function.
8) Out-of-bounds read (CVE-ID: CVE-2024-5535)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition within the SSL_select_next_proto() function when using NPN. A remote attacker can send specially crafted data to the application, trigger an out-of-bounds read and perform a denial of service (DoS) attack.
9) Type Confusion (CVE-ID: CVE-2024-6119)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a type confusion error when performing certificate name checks. A remote attacker can supply a specially crafted X.509 certificate to the server, trigger a type confusion error and perform a denial of service (DoS) attack.
10) Incorrect Regular Expression (CVE-ID: CVE-2024-6232)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of .tar archives when processing it with regular expressions. A remote attacker can pass specially crafted data to the application and perform regular expression denial of service (ReDos) attack.
11) Code Injection (CVE-ID: CVE-2024-6345)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to improper input validation when processing URL in the package_index module of pypa/setuptools. A remote attacker can send a specially crafted request and execute arbitrary code on the target system via download functions.
12) Command Injection (CVE-ID: CVE-2024-6923)
The vulnerability allows a remote attacker to perform spoofing attack.
The vulnerability exists due to insufficient validation of newlines for email headers when
serializing an email message. A remote attacker can inject arbitrary headers into serialized email messages.
13) Insufficient verification of data authenticity (CVE-ID: CVE-2024-34397)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to missing authorization for D-Bus signals. When a GDBus-based client subscribes to signals from a trusted system service such as NetworkManager on a shared computer, other users of the same computer can send spoofed D-Bus signals that the GDBus-based client will wrongly interpret as having been sent by the trusted system service.
14) Input validation error (CVE-ID: CVE-2024-37370)
The vulnerability allows a remote attacker to bypass implemented security restrictions.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can modify the plaintext Extra Count field of a confidential GSS krb5 wrap token, causing the unwrapped token to appear truncated to the application.
15) Out-of-bounds read (CVE-ID: CVE-2024-37371)
The vulnerability allows a remote attacker to gain access to potentially sensitive information.
The vulnerability exists due to a boundary condition when handling GSS message token. A remote attacker can send specially crafted token to the application, trigger an out-of-bounds read error and read contents of memory on the system.
16) Buffer Underwrite ('Buffer Underflow') (CVE-ID: CVE-2024-45490)
The vulnerability allows a remote attacker to compromise the affected system.
The vulnerability exists due to a boundary error in xmlparse.c when handling negative length for XML_ParseBuffer. A remote attacker can pass specially crafted input to the application, trigger buffer underflow and execute arbitrary code on the system.
17) Integer overflow (CVE-ID: CVE-2024-45491)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the dtdCopy() function in xmlparse.c. A remote attacker can pass specially crafted input to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
18) Integer overflow (CVE-ID: CVE-2024-45492)
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to integer overflow within the nextScaffoldPart() function in xmlparse.c. A remote attacker can pass specially crafted data to the application, trigger an integer overflow and execute arbitrary code on the target system.
Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.
Remediation
Install update from vendor's website.