CVE-2024-6119

CWE-843 | 13 documents | 10 sources
Severity: 7.5 HIGH
EPSS: 5.7% (top 9.59%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Sep 3; latest update Nov 26

Description

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `other

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Exploitability: 3.9 | Impact: 3.6

Affected Packages (4 packages)

CVEListV5 | openssl/openssl | 3.3.0 | 3.3.2 | +3
NVD | openssl/openssl | 3.0.0 | 3.0.15 | +3
Alpine | openssl | < 3.0.15-r0 | +6
Debian | openssl | < 3.0.14-1~deb12u2 | +2

Also affects: Ontap Tools 9

Patches

🔴 Vulnerability Details (4)

OSV | CVE-2024-6119: Issue summary: Applications performing certificate name checks (e | 2024-09-03
CVEList | Possible denial of service in X.509 name checks | 2024-09-03
GHSA | GHSA-7m4m-pwhv-49c5: Issue summary: Applications performing certificate name checks (e | 2024-09-03
OSV | CVE-2024-6119: Issue summary: Applications performing certificate name checks (e | 2024-09-03

📋 Vendor Advisories (8)

Ubuntu | EDK II vulnerabilities | 2025-11-26
Oracle | Oracle Oracle Communications Risk Matrix: Configuration (Cryptography) — CVE-2024-6119 | 2025-01-15
Oracle | Oracle Oracle Database Server Risk Matrix: Oracle Database Security (OpenSSL) — CVE-2024-6119 | 2024-10-15
Microsoft | Possible denial of service in X.509 name checks | 2024-09-10
BSD | FreeBSD-SA-24:13.openssl: Possible DoS in X.509 name checks in OpenSSL | 2024-09-04
CVE-2024-6119 (HIGH CVSS 7.5) | Issue summary: Applications perform | cvebase.io