CVE-2024-2184: Out-of-bounds Write in INC C1127i Series

Severity: 9.8 CRITICAL (NVD)
EPSS: 0.1% (top 67.26%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 11; latest update May 30

Description

Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers (*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *: Satera MF740C Series/Satera MF640C Series/Satera LBP660C Series/Satera LBP620C Series firmware v12.07 and earlier, and Satera MF750C Series/Satera LBP670C Series firmware v03.09 and earlier sold in Japan. Color imageCLASS MF740C Series/Color

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Exploitability: 3.9 | Impact: 5.9

Affected Packages (26 packages)

CVEListV5 | canon_inc/color_imageclass_mf640c_series | v12.07 and earlier
CVEListV5 | canon_inc/color_imageclass_mf740c_series | v12.07 and earlier
CVEListV5 | canon_inc/color_imageclass_mf750c_series | v03.09 and earlier
CVEListV5 | canon_inc/satera_mf640c_series | v12.07 and earlier
CVEListV5 | canon_inc/satera_mf740c_series | v12.07 and earlier

🔴 Vulnerability Details (2)

CVEList | 2024-03-11 | CVE-2024-2184: Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers (*) which may allow an attac
GHSA | 2024-03-11 | GHSA-76j8-6c8j-572v: Buffer overflow in identifier field of WSD probe request process of Small Office Multifunction Printers and Laser Printers (*) which may allow an attac

📋 Vendor Advisories (1)

Red Hat | 2024-05-30 | kernel: octeontx2-af: fix the double free in rvu_npc_freemem()
CVE-2024-2184 — Out-of-bounds Write | cvebase