Описание
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user.
A flaw was found in the keepalived package. An integer overflow occurs when incorrect arguments are passed. As a result, reading from an undefined address takes place.
Отчет
The described vulnerability in the keepalived package, characterized by an integer overflow in the vrrp_ipsets_handler function of fglobal_parser.c, is assessed as moderate severity rather than important due to the specific conditions required for exploitation. The flaw necessitates the manual configuration of an empty ipset name, a scenario that deviates from standard operational procedures. This constraint significantly reduces the likelihood of the vulnerability being exploited in typical deployment environments. Additionally, the primary consequence of this integer overflow is reading from an undefined address, which, while potentially disruptive, is less severe compared to vulnerabilities that allow arbitrary code execution or privilege escalation.
Меры по смягчению последствий
Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Ceph Storage 5 | rhceph/keepalived-rhel8 | Out of support scope | ||
| Red Hat Ceph Storage 6 | rhceph/keepalived-rhel9 | Affected | ||
| Red Hat Ceph Storage 7 | rhceph/keepalived-rhel9 | Affected | ||
| Red Hat Enterprise Linux 10 | keepalived | Affected | ||
| Red Hat Enterprise Linux 7 | keepalived | Out of support scope | ||
| Red Hat Enterprise Linux 8 | keepalived | Fixed | RHSA-2025:0743 | 28.01.2025 |
| Red Hat Enterprise Linux 9 | keepalived | Fixed | RHSA-2025:0917 | 04.02.2025 |
Показывать по
Дополнительная информация
Статус:
EPSS
6.3 Medium
CVSS3
Связанные уязвимости
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user.
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user.
In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived th ...
EPSS
6.3 Medium
CVSS3