Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-1013HistoryMar 18, 2024 - 11:15 a.m.
CVE-2024-1013
2024-03-1811:15:09
Debian Security Bug Tracker
security-tracker.debian.org
10
cve-2024-1013
out-of-bounds write
unixodbc
64-bit architectures
little-endian
big-endian
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
7.2
Confidence
Low
EPSS
0
Percentile
15.5%
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | unixodbc | <= 2.3.11-2+deb12u1 | unixodbc_2.3.11-2+deb12u1_all.deb |
| Debian | 11 | all | unixodbc | <= 2.3.6-0.1 | unixodbc_2.3.6-0.1_all.deb |
| Debian | 999 | all | unixodbc | <= 2.3.12-1 | unixodbc_2.3.12-1_all.deb |
| Debian | 13 | all | unixodbc | <= 2.3.12-1 | unixodbc_2.3.12-1_all.deb |
Related
redhatcve
redhatcve
CVE-2024-1013
2024-03-18 10:51:39
cbl_mariner
cbl_mariner
CVE-2024-1013 affecting package unixODBC for versions less than 2.3.12-2
2024-06-21 09:32:44
CVE-2024-1013 affecting package unixODBC for versions less than 2.3.9-3
2024-03-28 19:04:04
ubuntu
ubuntu
unixODBC vulnerability
2024-03-27 00:00:00
unixODBC vulnerability
2024-06-05 00:00:00
cve
cve
CVE-2024-1013
2024-03-18 11:15:09
vulnrichment
vulnrichment
openvas
openvas
Ubuntu: Security Advisory (USN-6715-1)
2024-03-28 00:00:00
Ubuntu: Security Advisory (USN-6715-2)
2024-06-06 00:00:00
Mageia: Security Advisory (MGASA-2024-0106)
2024-04-05 00:00:00
osv
osv
unixodbc vulnerability
2024-06-05 13:17:14
Security update for unixODBC
2024-08-20 09:07:09
unixodbc vulnerability
2024-03-27 20:38:24
nessus
nessus
Ubuntu 24.04 LTS : unixODBC vulnerability (USN-6715-2)
2024-06-05 00:00:00
Amazon Linux 2023 : unixODBC, unixODBC-devel (ALAS2023-2024-641)
2024-06-10 00:00:00
Amazon Linux 2 : unixODBC (ALAS-2024-2565)
2024-06-12 00:00:00
cloudfoundry
cloudfoundry
USN-6715-1: unixODBC vulnerability | Cloud Foundry
2024-04-04 00:00:00
cvelist
cvelist
redos
redos
ROS-20240826-15
2024-08-26 00:00:00
cloudlinux
cloudlinux
unixODBC: Fix of CVE-2024-1013
2024-04-04 20:29:35
mageia
mageia
Updated unixODBC packages fix security vulnerability
2024-04-01 22:50:27
ubuntucve
ubuntucve
CVE-2024-1013
2024-03-18 00:00:00
amazon
amazon
Medium: unixODBC
2024-06-06 20:17:00
nvd
nvd
CVE-2024-1013
2024-03-18 11:15:09
photon
photon
Important Photon OS Security Update - PHSA-2024-3.0-0757
2024-05-03 00:00:00
Important Photon OS Security Update - PHSA-2024-4.0-0613
2024-05-18 00:00:00
Important Photon OS Security Update - PHSA-2024-5.0-0256
2024-04-24 00:00:00
CVSS3
7.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H
AI Score
7.2
Confidence
Low
EPSS
0
Percentile
15.5%
Related for DEBIANCVE:CVE-2024-1013