CVE-2024-34646
https://notcve.org/view.php?id=CVE-2024-34646
Improper access control in DualDarManagerProxy prior to SMR Sep-2024 Release 1 allows local attackers to cause local permanent denial of service. • https://security.samsungmobile.com/securityUpdate.smsb?year=2024&month=09 •
CVE-2024-45692
https://notcve.org/view.php?id=CVE-2024-45692
Webmin before 2.202 and Virtualmin before 7.20.2 allow a network traffic loop via spoofed UDP packets on port 10000. • https://cispa.de/en/loop-dos https://webmin.com https://www.openwall.com/lists/oss-security/2024/09/04/1 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVE-2024-45506
https://notcve.org/view.php?id=CVE-2024-45506
HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service. HAProxy 2.9.x before 2.9.10, 3.0.x before 3.0.4, and 3.1.x through 3.1-dev6 allows a remote denial of service for HTTP/2 zero-copy forwarding (h2_send loop) under a certain set of conditions, as exploited in the wild in 2024. • http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=c725db17e8416ffb3c1537aea756356228ce5e3c http://git.haproxy.org/?p=haproxy-3.0.git%3Ba=commitdiff%3Bh=d636e515453320c6e122c313c661a8ac7d387c7f https://www.haproxy.org https://www.haproxy.org/download/3.1/src/CHANGELOG https://www.mail-archive.com/haproxy%40formilux.org/msg45280.html https://www.mail-archive.com/haproxy%40formilux.org/msg45281.html •
CVE-2024-6119 – Possible denial of service in X.509 name checks
https://notcve.org/view.php?id=CVE-2024-6119
This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. • https://openssl-library.org/news/secadv/20240903.txt https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 https://access.redhat.com/security/cve/CVE-2024-6119 https://bugzilla.redhat.com/show_bug.cgi?id=2306158 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVE-2024-6232 – Regular-expression DoS when parsing TarFile headers
https://notcve.org/view.php?id=CVE-2024-6232
A regular expression denial of service (ReDos) vulnerability was found in Python's tarfile module. Due to excessive backtracking while tarfile parses headers, an attacker may be able to trigger a denial of service via a specially crafted tar archive. • https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06 https://github.com/python/cpython/commit/743acbe872485dc18df4d8ab2dc7895187f062c4 https://github.com/python/cpython/commit/d449caf8a179e3b954268b3a88eb9170be3c8fbf https://github.com/python/cpython/commit/ed3a49ea734ada357ff4442996fd4ae71d253373 https://github.com/python/cpython/issues/121285 https://github.com/python/cpython/pull/121286 https://mail.python.org/archives/list/security-announce@python.org/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY https://github.com/python/cp • CWE-1333: Inefficient Regular Expression Complexity •