CVE-2024-52949

Опубликовано: 16 дек. 2024

Источник: redhat

CVSS3: 6.6

EPSS Низкий

Описание

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 10	iptraf-ng	Not affected
Red Hat Enterprise Linux 7	iptraf-ng	Out of support scope
Red Hat Enterprise Linux 8	iptraf-ng	Out of support scope
Red Hat Enterprise Linux 9	iptraf-ng	Fixed	RHSA-2025:7064	13.05.2025

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-121

https://bugzilla.redhat.com/show_bug.cgi?id=2332702iptraf-ng: buffer overflow via ifaces.c

EPSS

Процентиль: 12%

0.00042

Низкий

6.6 Medium

CVSS3

Связанные уязвимости

CVE-2024-52949

CVSS3: 9.8

ubuntu

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 9.8

nvd

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, the strcpy function consistently fails to control the size, and it is consequently possible to overflow memory on the stack.

CVE-2024-52949

CVSS3: 9.8

msrc

7 месяцев назад

Описание отсутствует

CVE-2024-52949

CVSS3: 9.8

debian

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow. In src/ifaces.c, th ...

GHSA-94mp-gc2x-rqm6

CVSS3: 9.8

github

8 месяцев назад

iptraf-ng 1.2.1 has a stack-based buffer overflow.

EPSS

Процентиль: 12%

0.00042

Низкий

6.6 Medium

CVSS3