Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-52616

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 15 нояб. 2024
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: redhat
CVSS3: 5.3
EPSS Низкий

ОписаниС

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

ΠžΡ‚Ρ‡Π΅Ρ‚

Within regulated environments, a combination of the following controls acts as a significant barrier to successfully exploiting a CWE-334: Small Space of Random Values vulnerability and therefore downgrades the severity of this particular CVE from Moderate to Low. Access to the platform is granted only after successful hard token-based multi-factor authentication (MFA) and is governed by least privilege, ensuring only authorized users can execute or modify code. External infrastructure and internal cluster certificates are maintained within a secure environment, and FIPS-validated cryptographic modules are enforced across all compute resources to prevent unauthorized access to intercepted data. The platform also uses trusted, validated name resolution paths to reduce the risk of interception or redirection that could expose or exploit weak random values.

Π—Π°Ρ‚Ρ€ΠΎΠ½ΡƒΡ‚Ρ‹Π΅ ΠΏΠ°ΠΊΠ΅Ρ‚Ρ‹

ΠŸΠ»Π°Ρ‚Ρ„ΠΎΡ€ΠΌΠ°ΠŸΠ°ΠΊΠ΅Ρ‚Π‘ΠΎΡΡ‚ΠΎΡΠ½ΠΈΠ΅Π Π΅ΠΊΠΎΠΌΠ΅Π½Π΄Π°Ρ†ΠΈΡΠ Π΅Π»ΠΈΠ·
Red Hat Enterprise Linux 7avahiOut of support scope
Red Hat Enterprise Linux 8avahiWill not fix
Red Hat OpenShift Container Platform 4rhcosFix deferred
Red Hat Enterprise Linux 9avahiFixedRHSA-2025:743713.05.2025
Red Hat Enterprise Linux 9avahiFixedRHSA-2025:743713.05.2025

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

Π”ΠΎΠΏΠΎΠ»Π½ΠΈΡ‚Π΅Π»ΡŒΠ½Π°Ρ информация

Бтатус:

Moderate
Π”Π΅Ρ„Π΅ΠΊΡ‚:
CWE-334
https://bugzilla.redhat.com/show_bug.cgi?id=2326429avahi: Avahi Wide-Area DNS Predictable Transaction IDs

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 25%
0.00086
Низкий

5.3 Medium

CVSS3

БвязанныС уязвимости

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-52616

CVSS3: 5.3
ubuntu
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-52616

CVSS3: 5.3
nvd
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Avahi-daemon, where it initializes DNS transaction IDs randomly only once at startup, incrementing them sequentially after that. This predictable behavior facilitates DNS spoofing attacks, allowing attackers to guess transaction IDs.

msrc Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-52616

CVSS3: 5.3
msrc
11 мСсяцСв Π½Π°Π·Π°Π΄

ОписаниС отсутствуСт

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2024-52616

CVSS3: 5.3
debian
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

A flaw was found in the Avahi-daemon, where it initializes DNS transac ...

suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2024:4386-1

suse-cvrf
ΠΎΠΊΠΎΠ»ΠΎ 1 Π³ΠΎΠ΄Π° Π½Π°Π·Π°Π΄

Security update for avahi

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 25%
0.00086
Низкий

5.3 Medium

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2024-52616