[Bug 1224062] New: VUL-0: CVE-2024-34244: libmodbus: buffer overflow via the modbus_write_bits function
https://bugzilla.suse.com/show_bug.cgi?id=1224062

Bug ID: 1224062
Summary: VUL-0: CVE-2024-34244: libmodbus: buffer overflow via the modbus_write_bits function
Classification: openSUSE
Product: openSUSE Distribution
Version: Leap 15.6
Hardware: Other
URL: https://smash.suse.de/issue/404865/
OS: Other
Status: NEW
Severity: Major
Priority: P5 - None
Component: Security
Assignee: sbrabec@suse.com
Reporter: smash_bz@suse.de
QA Contact: security-team@suse.de
CC: camila.matos@suse.com
Target Milestone: ---
Found By: Security Response Team
Blocker: ---

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-34244
https://www.cve.org/CVERecord?id=CVE-2024-34244
https://github.com/stephane/libmodbus/issues/743

--
You are receiving this mail because:
You are on the CC list for the bug.

https://bugzilla.suse.com/show_bug.cgi?id=1224062

Maintenance Automation <maint-coord+maintenance-robot@suse.de> changed:

What     |Removed   |Added
----------------------------------------
Priority |P5 - None |P3 - Medium

https://bugzilla.suse.com/show_bug.cgi?id=1224062#c2

Stanislav Brabec <sbrabec@suse.com> changed:

What   |Removed |Added
----------------------------------------
Status |NEW     |CONFIRMED

--- Comment #2 from Stanislav Brabec <sbrabec@suse.com> ---
Upstream has no solution yet. If possible, let's wait a bit and then see. If there will be no upstream fix, we will investigate further.

https://bugzilla.suse.com/show_bug.cgi?id=1224062#c3

--- Comment #3 from Stanislav Brabec <sbrabec@suse.com> ---
Checking the upstream again, there is still no fix. The upstream issue has no progress. However the report indicates the exact crash line, the source of the problem could be elsewhere.

Is it serious enough to start research? Note that we have no Modbus testing hardware.

https://bugzilla.suse.com/show_bug.cgi?id=1224062#c4

Stanislav Brabec <sbrabec@suse.com> changed:

What   |Removed   |Added
----------------------------------------
Status |CONFIRMED |IN_PROGRESS

--- Comment #4 from Stanislav Brabec <sbrabec@suse.com> ---
According to the upstream tracker, this buffer overflow is caused by the incorrect use of libmodbus in the code of the PoC and not in libmodbus itself.

If it is confirmed by the upstream developer, this bug can be closed as INVALID.

https://bugzilla.suse.com/show_bug.cgi?id=1224062#c5

Stanislav Brabec <sbrabec@suse.com> changed:

What       |Removed     |Added
----------------------------------------
Status     |IN_PROGRESS |RESOLVED
Resolution |---         |INVALID

--- Comment #5 from Stanislav Brabec <sbrabec@suse.com> ---
Upstream maintainer confirmed the bug as invalid. The problem is caused by the fuzzing driver itself that improperly uses the library.