Bug ID 1225833
Summary VUL-0: CVE-2024-36845: libmodbus: denial of service due to an invalid pointer in the modbus_receive() function
Classification openSUSE
Product openSUSE Distribution
Version Leap 15.6
Hardware Other
URL https://smash.suse.de/issue/408372/
OS Other
Status NEW
Severity Major
Priority P5 - None
Component Security
Assignee sbrabec@suse.com
Reporter smash_bz@suse.de
QA Contact security-team@suse.de
CC camila.matos@suse.com
Target Milestone ---
Found By Security Response Team
Blocker ---

An invalid pointer in the modbus_receive() function of libmodbus v3.1.6 allows
attackers to cause a Denial of Service (DoS) via a crafted message sent to the
unit-test-server.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-36845
https://www.cve.org/CVERecord?id=CVE-2024-36845
https://github.com/stephane/libmodbus/issues/750
https://bugzilla.redhat.com/show_bug.cgi?id=2284259


You are receiving this mail because: