CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-1931

Medium Severity
Nlnetlabs
SVRS
30/100
CVSSv3
7.5/10
EPSS
0.06753/1

CVE-2024-1931 is a denial-of-service vulnerability in NLnet Labs Unbound DNS resolver versions 1.18.0 through 1.19.1. This flaw can trigger an infinite loop due to an unchecked condition in the EDE record trimming code, leading to denial of service. The SVRS score of 30 suggests a low level of exploitability despite the 'In The Wild' tag, indicating that while exploits may exist, they are not widespread or easily executed. The vulnerability occurs when Unbound attempts to include EDE information in a response while the client's buffer size is insufficient, but only when the 'ede: yes' option is enabled. This configuration is non-default, limiting the scope of potential impact. Upgrading to version 1.19.2 or later resolves this issue by preventing the infinite loop. Although the CVSS score is 7.5, the low SVRS score suggests that active exploitation is not prevalent and that mitigation efforts should be prioritized based on the specific configuration.

TAGS
In The Wild
VECTOR STRING
CVSS:3.1
AV:N
AC:L
PR:N
UI:N
S:U
C:N
I:N
A:H
PUBLICATION DATE2024-03-07
LAST MODIFIED2024-12-17
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-1931 is a denial-of-service vulnerability in NLnet Labs Unbound versions 1.18.0 to 1.19.1. The vulnerability arises from an unchecked condition in the code that trims the text of EDE records, leading to an infinite loop. This can only be triggered when the 'ede: yes' option is used.

Key Insights

  • SVRS Score: 30, indicating a moderate risk.
  • Exploit Status: Active exploits have been published.
  • CISA Warning: The Cybersecurity and Infrastructure Security Agency (CISA) has warned of the vulnerability, calling for immediate and necessary measures.
  • In The Wild: The vulnerability is actively exploited by hackers.

Mitigation Strategies

  • Update to Unbound version 1.19.2 or later.
  • Disable the 'ede: yes' option if possible.
  • Implement rate limiting to prevent excessive requests.
  • Monitor logs for suspicious activity and take appropriate action.

Additional Information

If users have additional queries regarding this incident, they can use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for more information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

CVE-2024-1931 | NLnet Unbound up to 1.19.1 infinite loop (Nessus ID 211409)
vuldb.com2024-12-17
CVE-2024-1931 | NLnet Unbound up to 1.19.1 infinite loop (Nessus ID 211409) | A vulnerability was found in NLnet Unbound up to 1.19.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to infinite loop. This vulnerability is known as CVE-2024-1931. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component
cve-2024-1931
cyber security
fraud
https

Social Media

No tweets found for this CVE

Affected Software

Configuration 1
TypeVendorProduct
AppNlnetlabsunbound
Configuration 2
TypeVendorProduct
OSFedoraprojectfedora

References

ReferenceLink
SEP@NLNETLABS.NLhttps://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/
SEP@NLNETLABS.NLhttps://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B2JUIFPA7H75Q2W3VXW2TUNHK6NVGOX4/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBR4H7RCVMJ6H76S4LLRSY5EBFTYWGXK/
SEP@NLNETLABS.NLhttps://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B2JUIFPA7H75Q2W3VXW2TUNHK6NVGOX4/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBR4H7RCVMJ6H76S4LLRSY5EBFTYWGXK/
SEP@NLNETLABS.NLhttps://lists.freebsd.org/archives/freebsd-security/2024-July/000283.html
SEP@NLNETLABS.NLhttps://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B2JUIFPA7H75Q2W3VXW2TUNHK6NVGOX4/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBR4H7RCVMJ6H76S4LLRSY5EBFTYWGXK/
SEP@NLNETLABS.NLhttps://lists.freebsd.org/archives/freebsd-security/2024-July/000283.html
SEP@NLNETLABS.NLhttps://security.netapp.com/advisory/ntap-20240705-0006/
SEP@NLNETLABS.NLhttps://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
AF854A3A-2127-422B-91AE-364DA2661108https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/
AF854A3A-2127-422B-91AE-364DA2661108https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B2JUIFPA7H75Q2W3VXW2TUNHK6NVGOX4/
AF854A3A-2127-422B-91AE-364DA2661108https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBR4H7RCVMJ6H76S4LLRSY5EBFTYWGXK/
AF854A3A-2127-422B-91AE-364DA2661108https://lists.freebsd.org/archives/freebsd-security/2024-July/000283.html
AF854A3A-2127-422B-91AE-364DA2661108https://security.netapp.com/advisory/ntap-20240705-0006/
AF854A3A-2127-422B-91AE-364DA2661108https://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4VCBRQ7KMSIGBQ6A4SBL5PF326DIJIIV/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B2JUIFPA7H75Q2W3VXW2TUNHK6NVGOX4/
SEP@NLNETLABS.NLhttps://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RBR4H7RCVMJ6H76S4LLRSY5EBFTYWGXK/
SEP@NLNETLABS.NLhttps://lists.freebsd.org/archives/freebsd-security/2024-July/000283.html
SEP@NLNETLABS.NLhttps://security.netapp.com/advisory/ntap-20240705-0006/
SEP@NLNETLABS.NLhttps://www.nlnetlabs.nl/downloads/unbound/CVE-2024-1931.txt

CWE Details

CWE IDCWE NameDescription
CWE-835Loop with Unreachable Exit Condition ('Infinite Loop')The program contains an iteration or loop with an exit condition that cannot be reached, i.e., an infinite loop.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence