2024-01-17 10:00:38 +00:00
{
2024-01-17 16:00:36 +00:00
"data_version" : "4.0" ,
2024-01-17 10:00:38 +00:00
"data_type" : "CVE" ,
"data_format" : "MITRE" ,
"CVE_data_meta" : {
"ID" : "CVE-2024-0641" ,
2024-01-17 16:00:36 +00:00
"ASSIGNER" : "secalert@redhat.com" ,
"STATE" : "PUBLIC"
2024-01-17 10:00:38 +00:00
} ,
"description" : {
"description_data" : [
{
"lang" : "eng" ,
2024-01-17 16:00:36 +00:00
"value" : "A denial of service vulnerability was found in tipc_crypto_key_revoke in net/tipc/crypto.c in the Linux kernel\u2019s TIPC subsystem. This flaw allows guests with local user privileges to trigger a deadlock and potentially crash the system."
}
]
} ,
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng" ,
"value" : "Deadlock" ,
"cweId" : "CWE-833"
}
]
}
]
} ,
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "Red Hat" ,
"product" : {
"product_data" : [
{
"product_name" : "Red Hat Enterprise Linux 6" ,
"version" : {
"version_data" : [
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "unaffected"
}
}
]
}
} ,
{
"product_name" : "Red Hat Enterprise Linux 7" ,
"version" : {
"version_data" : [
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "unaffected"
}
} ,
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "unaffected"
}
}
]
}
} ,
{
"product_name" : "Red Hat Enterprise Linux 8" ,
"version" : {
"version_data" : [
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "affected"
}
} ,
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "affected"
}
}
]
}
} ,
{
"product_name" : "Red Hat Enterprise Linux 9" ,
"version" : {
"version_data" : [
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "affected"
}
} ,
{
"version_value" : "not down converted" ,
"x_cve_json_5_version_data" : {
"defaultStatus" : "affected"
}
}
]
}
}
]
}
}
]
}
} ,
"references" : {
"reference_data" : [
{
"url" : "https://access.redhat.com/security/cve/CVE-2024-0641" ,
"refsource" : "MISC" ,
"name" : "https://access.redhat.com/security/cve/CVE-2024-0641"
} ,
{
"url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2258757" ,
"refsource" : "MISC" ,
"name" : "https://bugzilla.redhat.com/show_bug.cgi?id=2258757"
} ,
{
"url" : "https://github.com/torvalds/linux/commit/08e50cf071847323414df0835109b6f3560d44f5" ,
"refsource" : "MISC" ,
"name" : "https://github.com/torvalds/linux/commit/08e50cf071847323414df0835109b6f3560d44f5"
}
]
} ,
"work_around" : [
{
"lang" : "en" ,
"value" : "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
] ,
"impact" : {
"cvss" : [
{
2024-02-14 14:00:37 +00:00
"attackComplexity" : "LOW" ,
2024-01-17 16:00:36 +00:00
"attackVector" : "LOCAL" ,
"availabilityImpact" : "HIGH" ,
2024-02-14 14:00:37 +00:00
"baseScore" : 5.5 ,
2024-01-17 16:00:36 +00:00
"baseSeverity" : "MEDIUM" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
"privilegesRequired" : "LOW" ,
"scope" : "UNCHANGED" ,
"userInteraction" : "NONE" ,
2024-02-14 14:00:37 +00:00
"vectorString" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" ,
2024-01-17 16:00:36 +00:00
"version" : "3.1"
2024-01-17 10:00:38 +00:00
}
]
}
}
