SB2024040960 - Multiple use-after-free vulnerabilities in Microsoft DNS Server

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2024040960

SB2024040960 - Multiple use-after-free vulnerabilities in Microsoft DNS Server

Published: April 9, 2024

Security Bulletin ID SB2024040960
CSH Severity
Medium
Patch available
YES
Number of vulnerabilities 7
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 7 vulnerabilities.


1) Use-after-free (CVE-ID: CVE-2024-26223)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.


2) Use-after-free (CVE-ID: CVE-2024-26233)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.


3) Use-after-free (CVE-ID: CVE-2024-26231)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.


4) Use-after-free (CVE-ID: CVE-2024-26221)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.


5) Use-after-free (CVE-ID: CVE-2024-26222)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.


6) Use-after-free (CVE-ID: CVE-2024-26224)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.


7) Use-after-free (CVE-ID: CVE-2024-26227)

CWE-ID: CWE-416 - Use After Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Green


The vulnerability allows a remote user to compromise vulnerable system.

The vulnerability exists due to a use-after-free error when handling DNS queries. A remote user can send specially crafted DNS requests to the affected server and execute arbitrary code on the system, if the timing of DNS queries is perfect.



Remediation

Install update from vendor's website.

References