#VU95607 Improper Certificate Validation in libnbd - CVE-2024-7383


Vulnerability identifier: #VU95607

Vulnerability risk: Medium

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2024-7383

CWE-ID: CWE-295

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libnbd
Universal components / Libraries / Libraries used by multiple products

Vendor: libguestfs

Description

The vulnerability allows a remote attacker to perform MitM attack.

The vulnerability exist due to improper certificate validation when handling the NBD server's certificate. A remote attacker can perform MitM attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

libnbd: 1.18.0 - 1.19.11, 1.20.0 - 1.21.0

External links
https://access.redhat.com/security/cve/CVE-2024-7383
https://bugzilla.redhat.com/show_bug.cgi?id=2302865
https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/message/LHR3BW6RJ7K4BJBQIYV3GTZLSY27VZO2
https://lists.libguestfs.org/archives/list/guestfs@lists.libguestfs.org/thread/ENZY4LHLARA3N4C3JUNLPYUCXHFO7BWQ/

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Anolis OS update for libnbd
Anolis OS update for virt:an module
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.17
Multiple vulnerabilities in Oracle Linux
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.16
Red Hat Enterprise Linux 8 update for the virt:rhel and virt-devel:rhel module
Red Hat Enterprise Linux 9 update for libnbd
SUSE update for libnbd
SUSE update for libnbd
MitM attack in libnbd