CVE-2024-1488: Unbound: unrestricted reconfiguration enabled to anyone that may lead to local privilege escalation
First published: Wed Feb 14 2024(Updated: )
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| IBM QRadar SIEM | <=7.5 - 7.5.0 UP8 IF01 | |
| redhat/unbound 1.19.1 | <2. | 2. |
| fedoraproject Unbound | <1.19.1-2.fc40 | |
| redhat codeready Linux builder | =9.0 | |
| redhat codeready linux builder eus | =9.2 | |
| redhat codeready linux builder eus | =9.4 | |
| redhat codeready Linux builder eus for power little endian | =9.0_ppc64le | |
| redhat codeready Linux builder eus for power little endian | =9.2_ppc64le | |
| redhat codeready linux builder for arm64 | =9.0_aarch64 | |
| redhat codeready linux builder for arm64 | =9.2_aarch64 | |
| redhat codeready linux builder for arm64 eus | =9.4_aarch64 | |
| redhat codeready linux builder for ibm z systems | =9.0_s390x | |
| redhat codeready linux builder for ibm z systems | =9.2_s390x | |
| redhat codeready linux builder for ibm z systems eus | =9.4_s390x | |
| Red Hat Enterprise Linux | =8.0 | |
| Red Hat Enterprise Linux | =9.0 | |
| redhat enterprise Linux eus | =8.6 | |
| redhat enterprise Linux eus | =8.8 | |
| redhat enterprise Linux eus | =9.2 | |
| redhat enterprise Linux eus | =9.4 | |
| redhat enterprise Linux for arm 64 | =8.0_aarch64 | |
| redhat enterprise Linux for arm 64 | =9.0_aarch64 | |
| redhat enterprise Linux for arm 64 | =9.2_aarch64 | |
| redhat enterprise Linux for arm 64 eus | =8.6_aarch64 | |
| redhat enterprise Linux for arm 64 eus | =8.8_aarch64 | |
| redhat enterprise Linux for arm 64 eus | =9.4_aarch64 | |
| redhat enterprise Linux for ibm z systems | =8.0_s390x | |
| redhat enterprise Linux for ibm z systems | =9.0_s390x | |
| redhat enterprise Linux for ibm z systems | =9.2_s390x | |
| redhat enterprise Linux for ibm z systems eus | =8.6_s390x | |
| redhat enterprise Linux for ibm z systems eus | =8.8_s390x | |
| redhat enterprise Linux for ibm z systems eus | =9.4_s390x | |
| redhat enterprise Linux for power little endian | =8.0_ppc64le | |
| redhat enterprise Linux for power little endian | =9.0_ppc64le | |
| redhat enterprise Linux for power little endian | =9.2_ppc64le | |
| redhat enterprise Linux for power little endian eus | =8.6_ppc64le | |
| redhat enterprise Linux for power little endian eus | =8.8_ppc64le | |
| redhat enterprise Linux for power little endian eus | =9.4_ppc64le | |
| redhat enterprise Linux server aus | =8.2 | |
| redhat enterprise Linux server aus | =8.4 | |
| redhat enterprise Linux server aus | =8.6 | |
| redhat enterprise Linux server aus | =9.2 | |
| redhat enterprise Linux server aus | =9.4 | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =8.2_ppc64le | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =8.4_ppc64le | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =8.6_ppc64le | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =8.8_ppc64le | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =9.2_ppc64le | |
| redhat enterprise Linux server for power little endian update services for sap solutions | =9.4_ppc64le | |
| redhat enterprise Linux server tus | =8.2 | |
| redhat enterprise Linux server tus | =8.4 | |
| redhat enterprise Linux server tus | =8.6 | |
| redhat enterprise Linux server tus | =8.8 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/errata/RHSA-2024:1750
- https://access.redhat.com/errata/RHSA-2024:1751
- https://access.redhat.com/errata/RHSA-2024:1780
- https://access.redhat.com/errata/RHSA-2024:1801
- https://access.redhat.com/errata/RHSA-2024:1802
- https://access.redhat.com/errata/RHSA-2024:1804
- https://access.redhat.com/errata/RHSA-2024:2587
- https://access.redhat.com/errata/RHSA-2024:2696
- https://access.redhat.com/security/cve/CVE-2024-1488
- https://bugzilla.redhat.com/show_bug.cgi?id=2264183
- https://src.fedoraproject.org/rpms/unbound/c/39b47dbaf1ebe59e71a0e4269a6bb62d3126ba7d
- https://src.fedoraproject.org/rpms/unbound/c/2cd0b94125f7cd88cdb777a8f546f3480bbd750a
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2264184
- https://exchange.xforce.ibmcloud.com/vulnerabilities/283575
- https://www.ibm.com/support/pages/node/7150684 (Advisory)
- agent/title
- agent/type
- agent/first-publish-date
- agent/author
- agent/event
- collector/ibm-support
- source/IBM
- agent/software-canonical-lookup
- agent/references
- agent/description
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2024-1488
- agent/trending
- agent/source
- agent/severity
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup-request
- vendor/ibm
- canonical/ibm qradar siem
- version/ibm qradar siem/7.5 - 7.5.0 up8 if01
- package-manager/redhat
- vendor/fedoraproject
- canonical/fedoraproject unbound
- vendor/redhat
- canonical/redhat codeready linux builder
- version/redhat codeready linux builder/9.0
- canonical/redhat codeready linux builder eus
- version/redhat codeready linux builder eus/9.2
- version/redhat codeready linux builder eus/9.4
- canonical/redhat codeready linux builder eus for power little endian
- version/redhat codeready linux builder eus for power little endian/9.0_ppc64le
- version/redhat codeready linux builder eus for power little endian/9.2_ppc64le
- canonical/redhat codeready linux builder for arm64
- version/redhat codeready linux builder for arm64/9.0_aarch64
- version/redhat codeready linux builder for arm64/9.2_aarch64
- canonical/redhat codeready linux builder for arm64 eus
- version/redhat codeready linux builder for arm64 eus/9.4_aarch64
- canonical/redhat codeready linux builder for ibm z systems
- version/redhat codeready linux builder for ibm z systems/9.0_s390x
- version/redhat codeready linux builder for ibm z systems/9.2_s390x
- canonical/redhat codeready linux builder for ibm z systems eus
- version/redhat codeready linux builder for ibm z systems eus/9.4_s390x
- canonical/red hat enterprise linux
- version/red hat enterprise linux/8.0
- version/red hat enterprise linux/9.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/8.6
- version/redhat enterprise linux eus/8.8
- version/redhat enterprise linux eus/9.2
- version/redhat enterprise linux eus/9.4
- canonical/redhat enterprise linux for arm 64
- version/redhat enterprise linux for arm 64/8.0_aarch64
- version/redhat enterprise linux for arm 64/9.0_aarch64
- version/redhat enterprise linux for arm 64/9.2_aarch64
- canonical/redhat enterprise linux for arm 64 eus
- version/redhat enterprise linux for arm 64 eus/8.6_aarch64
- version/redhat enterprise linux for arm 64 eus/8.8_aarch64
- version/redhat enterprise linux for arm 64 eus/9.4_aarch64
- canonical/redhat enterprise linux for ibm z systems
- version/redhat enterprise linux for ibm z systems/8.0_s390x
- version/redhat enterprise linux for ibm z systems/9.0_s390x
- version/redhat enterprise linux for ibm z systems/9.2_s390x
- canonical/redhat enterprise linux for ibm z systems eus
- version/redhat enterprise linux for ibm z systems eus/8.6_s390x
- version/redhat enterprise linux for ibm z systems eus/8.8_s390x
- version/redhat enterprise linux for ibm z systems eus/9.4_s390x
- canonical/redhat enterprise linux for power little endian
- version/redhat enterprise linux for power little endian/8.0_ppc64le
- version/redhat enterprise linux for power little endian/9.0_ppc64le
- version/redhat enterprise linux for power little endian/9.2_ppc64le
- canonical/redhat enterprise linux for power little endian eus
- version/redhat enterprise linux for power little endian eus/8.6_ppc64le
- version/redhat enterprise linux for power little endian eus/8.8_ppc64le
- version/redhat enterprise linux for power little endian eus/9.4_ppc64le
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/8.2
- version/redhat enterprise linux server aus/8.4
- version/redhat enterprise linux server aus/8.6
- version/redhat enterprise linux server aus/9.2
- version/redhat enterprise linux server aus/9.4
- canonical/redhat enterprise linux server for power little endian update services for sap solutions
- version/redhat enterprise linux server for power little endian update services for sap solutions/8.2_ppc64le
- version/redhat enterprise linux server for power little endian update services for sap solutions/8.4_ppc64le
- version/redhat enterprise linux server for power little endian update services for sap solutions/8.6_ppc64le
- version/redhat enterprise linux server for power little endian update services for sap solutions/8.8_ppc64le
- version/redhat enterprise linux server for power little endian update services for sap solutions/9.2_ppc64le
- version/redhat enterprise linux server for power little endian update services for sap solutions/9.4_ppc64le
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/8.2
- version/redhat enterprise linux server tus/8.4
- version/redhat enterprise linux server tus/8.6
- version/redhat enterprise linux server tus/8.8