CVE-2024-38517Integer Underflow (Wrap or Wraparound) in Rapidjson

CWE-191Integer Underflow (Wrap or Wraparound)8 documents7 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 78.50%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
Tencent RapidjsonDebian RapidjsonMsrc Windows 10 Version 1607+10 more
Timeline
PublishedJul 9
Latest updateNov 25

Description

Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages14 packages

Debiantencent/rapidjson< 1.1.0+dfsg2-7.4+1
CVEListV5tencent/rapidjson1.1.0
debiandebian/rapidjson< rapidjson 1.1.0+dfsg2-7.4 (forky)

🔴Vulnerability Details

1
OSV
CVE-2024-38517: Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjs2024-07-09

📋Vendor Advisories

4
Ubuntu
RapidJSON vulnerability2024-11-25
Microsoft
Github: CVE-2024-38517 TenCent RapidJSON Elevation of Privilege Vulnerability2024-07-09
Red Hat
rapidjson: privilege escalation via integer underflow in GenericReader::ParseNumber()2024-07-09
Debian
CVE-2024-38517: rapidjson - Tencent RapidJSON is vulnerable to privilege escalation due to an integer underf...2024

🕵️Threat Intelligence

2
Trendmicro
The July 2024 Security Update Review2024-07-09
Trendmicro
The July 2024 Security Update Review2024-07-09