nvd-json-data-feeds/CVE-2024/CVE-2024-423xx/CVE-2024-42381.json

{
  "id": "CVE-2024-42381",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-07-31T06:15:02.130",
  "lastModified": "2024-08-01T13:59:22.207",
  "vulnStatus": "Awaiting Analysis",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which occurs before a user would expect execution of downloaded package content. (237d1e783f7ee261beaba7d3f6bde22da7148b0a was the tested vulnerable version.)"
    },
    {
      "lang": "es",
      "value": " os/linux/elf.rb en Homebrew Brew anterior a 4.2.20 usa ldd para cargar archivos ELF obtenidos de fuentes no confiables, lo que permite a los atacantes lograr la ejecuci\u00f3n de c\u00f3digo a trav\u00e9s de un archivo ELF con una secci\u00f3n .interp personalizada. NOTA: la ejecuci\u00f3n de este c\u00f3digo ocurrir\u00eda durante una fase de reubicaci\u00f3n binaria sin espacio aislado, que ocurre antes de que un usuario espere la ejecuci\u00f3n del contenido del paquete descargado. (237d1e783f7ee261beaba7d3f6bde22da7148b0a fue la versi\u00f3n vulnerable probada)."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cve@mitre.org",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "HIGH",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "CHANGED",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "availabilityImpact": "HIGH"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 6.0
      }
    ]
  },
  "weaknesses": [
    {
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-830"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://blog.trailofbits.com/2024/07/30/our-audit-of-homebrew/",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://brew.sh/2024/07/30/homebrew-security-audit/",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/Homebrew/brew/commit/916b37388d3851a8a93a8e9b4adc38873680ead7",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/Homebrew/brew/pull/17136",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/Homebrew/brew/releases/tag/4.2.20",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/Homebrew/brew/tree/237d1e783f7ee261beaba7d3f6bde22da7148b0a",
      "source": "cve@mitre.org"
    },
    {
      "url": "https://github.com/trailofbits/publications/blob/master/reviews/2023-08-28-homebrew-securityreview.pdf",
      "source": "cve@mitre.org"
    }
  ]
}