CVE-2024-1488

A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.

CVSS v3 8.0 HIGH

8.0^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.5

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2024:1750	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1751	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1780	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1801	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1802	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1804	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2587	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2696	Third Party Advisory
https://access.redhat.com/errata/RHSA-2025:0837
https://access.redhat.com/security/cve/CVE-2024-1488	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2264183	Issue Tracking Patch
https://access.redhat.com/errata/RHSA-2024:1750	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1751	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1780	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1801	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1802	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:1804	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2587	Third Party Advisory
https://access.redhat.com/errata/RHSA-2024:2696	Third Party Advisory
https://access.redhat.com/security/cve/CVE-2024-1488	Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2264183	Issue Tracking Patch

Configurations

Configuration 1 (hide)

cpe:2.3:a:fedoraproject:unbound:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:codeready_linux_builder:9.0:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.2_ppc64le:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.2_aarch64:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.2_s390x:::::::*
	cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:8.8:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:9.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:::::::*

History

30 Jan 2025, 22:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:0837 -

24 Jan 2025, 06:15

Type	Values Removed	Values Added
CWE	~~CWE-15~~

23 Jan 2025, 17:41

Type	Values Removed	Values Added
CWE		CWE-276
CPE		cpe:2.3:a:fedoraproject:unbound:::::::: cpe:2.3:o:redhat:enterprise_linux_eus:8.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6:::::::* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems_eus:9.4_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.2_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:9.4_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.4:::::::* cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.2_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:9.4:::::::* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.0_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.0_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.0_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.6_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:9.4_s390x:::::::* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64_eus:9.4_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.8_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:9.4_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.6_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:8.0_aarch64:::::::* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.0_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.8_s390x:::::::* cpe:2.3:a:redhat:codeready_linux_builder_eus:9.4:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.8:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64_eus:8.8_aarch64:::::::* cpe:2.3:a:redhat:codeready_linux_builder:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:8.0_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:9.2:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.4_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.2_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:8.8:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.0_s390x:::::::* cpe:2.3:a:redhat:codeready_linux_builder_eus_for_power_little_endian:9.0_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_for_arm_64:9.2_aarch64:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian_eus:8.6_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:9.2:::::::* cpe:2.3:o:redhat:enterprise_linux_for_power_little_endian:9.2_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:::::::* cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:::::::* cpe:2.3:o:redhat:enterprise_linux:8.0:::::::* cpe:2.3:a:redhat:codeready_linux_builder_for_arm64:9.2_aarch64:::::::* cpe:2.3:a:redhat:codeready_linux_builder_for_ibm_z_systems:9.2_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:9.2_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:8.8_ppc64le:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems_eus:8.6_s390x:::::::* cpe:2.3:o:redhat:enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions:9.4_ppc64le:::::::* cpe:2.3:a:redhat:codeready_linux_builder_eus:9.2:::::::* cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:8.0_s390x:::::::*
First Time		Redhat enterprise Linux Server Aus Fedoraproject unbound Redhat enterprise Linux For Power Little Endian Redhat enterprise Linux For Ibm Z Systems Redhat codeready Linux Builder Eus For Power Little Endian Redhat codeready Linux Builder For Arm64 Eus Redhat enterprise Linux For Power Little Endian Eus Redhat Redhat enterprise Linux Eus Redhat codeready Linux Builder Redhat enterprise Linux Redhat enterprise Linux For Ibm Z Systems Eus Redhat codeready Linux Builder For Ibm Z Systems Eus Redhat codeready Linux Builder Eus Fedoraproject Redhat enterprise Linux Server Tus Redhat codeready Linux Builder For Arm64 Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions Redhat enterprise Linux For Arm 64 Eus Redhat codeready Linux Builder For Ibm Z Systems Redhat enterprise Linux For Arm 64
References	~~() https://access.redhat.com/errata/RHSA-2024:1750 -~~	() https://access.redhat.com/errata/RHSA-2024:1750 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:1751 -~~	() https://access.redhat.com/errata/RHSA-2024:1751 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:1780 -~~	() https://access.redhat.com/errata/RHSA-2024:1780 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:1801 -~~	() https://access.redhat.com/errata/RHSA-2024:1801 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:1802 -~~	() https://access.redhat.com/errata/RHSA-2024:1802 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:1804 -~~	() https://access.redhat.com/errata/RHSA-2024:1804 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:2587 -~~	() https://access.redhat.com/errata/RHSA-2024:2587 - Third Party Advisory
References	~~() https://access.redhat.com/errata/RHSA-2024:2696 -~~	() https://access.redhat.com/errata/RHSA-2024:2696 - Third Party Advisory
References	~~() https://access.redhat.com/security/cve/CVE-2024-1488 -~~	() https://access.redhat.com/security/cve/CVE-2024-1488 - Third Party Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2264183 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2264183 - Issue Tracking, Patch

21 Nov 2024, 08:50

Type	Values Removed	Values Added
References	~~() https://access.redhat.com/errata/RHSA-2024:1750 -~~	() https://access.redhat.com/errata/RHSA-2024:1750 -
References	~~() https://access.redhat.com/errata/RHSA-2024:1751 -~~	() https://access.redhat.com/errata/RHSA-2024:1751 -
References	~~() https://access.redhat.com/errata/RHSA-2024:1780 -~~	() https://access.redhat.com/errata/RHSA-2024:1780 -
References	~~() https://access.redhat.com/errata/RHSA-2024:1801 -~~	() https://access.redhat.com/errata/RHSA-2024:1801 -
References	~~() https://access.redhat.com/errata/RHSA-2024:1802 -~~	() https://access.redhat.com/errata/RHSA-2024:1802 -
References	~~() https://access.redhat.com/errata/RHSA-2024:1804 -~~	() https://access.redhat.com/errata/RHSA-2024:1804 -
References	~~() https://access.redhat.com/errata/RHSA-2024:2587 -~~	() https://access.redhat.com/errata/RHSA-2024:2587 -
References	~~() https://access.redhat.com/errata/RHSA-2024:2696 -~~	() https://access.redhat.com/errata/RHSA-2024:2696 -
References	~~() https://access.redhat.com/security/cve/CVE-2024-1488 -~~	() https://access.redhat.com/security/cve/CVE-2024-1488 -
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2264183 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2264183 -

08 May 2024, 08:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:2696 -

30 Apr 2024, 20:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:2587 -

15 Apr 2024, 04:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:1751 - () https://access.redhat.com/errata/RHSA-2024:1780 - () https://access.redhat.com/errata/RHSA-2024:1801 - () https://access.redhat.com/errata/RHSA-2024:1802 - () https://access.redhat.com/errata/RHSA-2024:1804 -

10 Apr 2024, 12:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2024:1750 -
Summary		(es) Se encontró una vulnerabilidad en Unbound debido a permisos predeterminados incorrectos, lo que permite que cualquier proceso fuera del grupo independiente modifique la configuración del tiempo de ejecución independiente. Si un proceso puede conectarse a través de localhost al puerto 8953, puede alterar la configuración de unbound.service. Esta falla permite que un atacante sin privilegios manipule una instancia en ejecución, alterando potencialmente a los reenviadores, permitiéndoles rastrear todas las consultas enviadas por el solucionador local y, en algunos casos, interrumpiendo la resolución por completo.

15 Feb 2024, 05:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-02-15 05:15

Updated : 2025-01-30 22:15

NVD link : CVE-2024-1488

Mitre link : CVE-2024-1488

CVE.ORG link : CVE-2024-1488

JSON object : View

Products Affected

redhat

codeready_linux_builder_eus
codeready_linux_builder_for_arm64
codeready_linux_builder_for_arm64_eus
codeready_linux_builder_eus_for_power_little_endian
enterprise_linux_server_aus
enterprise_linux_for_ibm_z_systems_eus
enterprise_linux_server_tus
codeready_linux_builder_for_ibm_z_systems
enterprise_linux_for_ibm_z_systems
enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
enterprise_linux_eus
enterprise_linux_for_arm_64
codeready_linux_builder
enterprise_linux
enterprise_linux_for_power_little_endian
enterprise_linux_for_arm_64_eus
enterprise_linux_for_power_little_endian_eus
codeready_linux_builder_for_ibm_z_systems_eus

fedoraproject

unbound

CWE

CWE-276

Incorrect Default Permissions

8.0 /10