CVE-2024-53426Classic Buffer Overflow in Azl3 Ntopng 5.2.1-5 ON Azure Linux 3.0

CWE-120Classic Buffer Overflow4 documents4 sources
Severity
6.2MEDIUMNVD
EPSS
0.0%
top 90.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Msrc Azl3 Ntopng 5.2.1-5 ON Azure Linux 3.0Msrc Azl3 Ntopng 5.2.1-6 ON Azure Linux 3.0Msrc Cbl2 Ntopng 5.2.1-3 ON CBL Mariner 2.0+1 more
Timeline
PublishedNov 21
Latest updateNov 26

Description

A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS function.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.5 | Impact: 3.6

Affected Packages4 packages

🔴Vulnerability Details

2
GHSA
GHSA-54m6-gfp9-9j48: A heap-buffer-overflow vulnerability has been identified in ntopng 62024-11-26
OSV
CVE-2024-53426: A heap-buffer-overflow vulnerability has been identified in ntopng 62024-11-21

📋Vendor Advisories

1
Microsoft
A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS function.2024-11-12