CVE Radar Logo
CVERadar
CVE Radar Logo
CVERadar

CVE-2024-52337

Medium Severity
SVRS
30/100
CVSSv3
5.5/10
EPSS
0.0007/1

CVE-2024-52337 is a log spoofing vulnerability in the Tuned package that can allow attackers to inject malicious log entries. This flaw arises from improper sanitization of API arguments, enabling an attacker to insert arbitrary newlines and mimic valid Tuned log lines. While the CVSS score is 5.5, the SOCRadar Vulnerability Risk Score (SVRS) is 30, indicating a lower risk level compared to critical vulnerabilities. However, the presence of "In The Wild" in the tags suggests potential real-world exploitation. An attacker could exploit this by manipulating logs to hide malicious activities or mislead administrators using spoofed log data. This vulnerability is significant because it could compromise the integrity of system logs, potentially hindering incident response and forensic investigations. The crafted log entries could also impact third-party programs consuming Tuned's D-Bus interface, leading to unexpected behavior or security breaches. Therefore, patching is recommended, to maintain log integrity and prevent potential security incidents.

TAGS
In The Wild
X_refsource_REDHAT
Vdb-entry
Vendor-advisory
Issue-tracking
VECTOR STRING
CVSS:3.1
AV:L
AC:L
PR:L
UI:N
S:U
C:N
I:H
A:N
PUBLICATION DATE2025-05-01
LAST MODIFIED2024-11-26
Eye Icon
SOCRadar
AI Insight

Description

CVE-2024-52337 is a recently disclosed vulnerability, with limited information available at this time. The vulnerability is actively being exploited in the wild, making it a critical concern. While the CVSS score is currently 0, the SOCRadar Vulnerability Risk Score (SVRS) is 52, indicating a significant risk requiring immediate attention. This indicates that even though the CVSS is low due to insufficient data, SOCRadar's unique approach, factoring in real-world exploitation and other intelligence elements, deems this CVE a high priority.

Key Insights

  • Active Exploitation: The vulnerability is being actively exploited by hackers, indicating a high level of threat. This suggests the existence of working exploits, making swift remediation crucial.
  • Data Scarcity: The lack of a detailed description and a CVSS score of 0 suggests limited information is publicly available about the vulnerability. This makes it difficult to assess its full impact and devise comprehensive mitigation strategies.
  • SVRS as Indicator: Despite limited data, the SVRS score of 52 points to a significant threat. This indicates that the SVRS analysis has identified strong indicators of risk, highlighting the need for proactive and urgent action.
  • Potential for Wide Impact: As the vulnerability is in the wild, it's crucial to assume it could affect a wide range of systems and applications. The lack of detailed information increases the difficulty in identifying affected systems and developing targeted defenses.

Mitigation Strategies

  • Immediate Patching: As soon as the vulnerability's details are available, apply security patches and updates to affected systems.
  • Enhanced Monitoring: Implement advanced security monitoring and detection systems to identify potential exploitation attempts related to CVE-2024-52337.
  • Threat Intelligence Integration: Leverage external threat intelligence feeds and data sources to stay informed about attack techniques, indicators of compromise, and potential exploit tools associated with the vulnerability.
  • Vulnerability Scanning: Perform frequent vulnerability scans to identify potential weaknesses in systems and applications, allowing for rapid identification of vulnerabilities and the prioritization of mitigation actions.

Additional Information

Due to the limited information available, it's crucial to stay informed about any updates or new information regarding this vulnerability. For additional information, you can use the "Ask to Analyst" feature on SOCRadar's platform, contact SOCRadar directly, or open a support ticket for further assistance.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE

Enhance Your CVE Management with SOCRadar Vulnerability Intelligence
Get comprehensive CVE details, real-time notifications, and proactive threat management all in one platform.
CREATE FREE ACCOUNT
CVE Details
Access comprehensive CVE information instantly
Real-time Tracking
Subscribe to CVEs and get instant updates
Exploit Analysis
Monitor related APT groups and threats
IOC Tracking
Analyze and track CVE-related IOCs

News

tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337)
2024-11-28
tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) | Posted by Matthias Gerstner on Nov 28Hello list, this is a report a about a local root exploit and some other issues in tuned [1]. We also offer a rendered version of this report on our blog [2]. 1) Introduction =============== Tuned is a
seclists.org
rss
forum
news
Re: tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337)
2024-11-28
Re: tuned: local root exploit in D-Bus method instance_create and other issues in tuned >= 2.23 (CVE-2024-52336, CVE-2024-52337) | Posted by Simon McVittie on Nov 28This should be easily resolvable if the authors of tuned want to do so, without needing to resort to relying on hard-to-predict cookie values. Clients of the D-Bus system bus can identify other clients of the system bus, by calling the GetConnectionCredentials method on the message bus itself
seclists.org
rss
forum
news
CVE-2024-52337 | Red Hat Fast Datapath for RHEL/Enterprise Linux API input validation (Nessus ID 211879)
vuldb.com2024-11-27
CVE-2024-52337 | Red Hat Fast Datapath for RHEL/Enterprise Linux API input validation (Nessus ID 211879) | A vulnerability was found in Red Hat Fast Datapath for RHEL and Enterprise Linux and classified as problematic. This issue affects some unknown processing of the component API. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2024-52337. Local access is required
vuldb.com
rss
forum
news
CVE-2024-52337 | Red Hat Fast Datapath for RHEL/Enterprise Linux API input validation
vuldb.com2024-11-26
CVE-2024-52337 | Red Hat Fast Datapath for RHEL/Enterprise Linux API input validation | A vulnerability was found in Red Hat Fast Datapath for RHEL and Enterprise Linux and classified as problematic. This issue affects some unknown processing of the component API. The manipulation leads to improper input validation. The identification of this vulnerability is CVE-2024-52337. Local access is required to approach this
vuldb.com
rss
forum
news

Social Media

🗣 CVE-2024-52336 & CVE-2024-52337: Vulnerabilities in Linux Tuned Daemon https://t.co/vEHOLDtH8h
0
0
0
CVE-2024-52336 & CVE-2024-52337: Vulnerabilities in Linux Tuned Daemon Learn about the critical vulnerabilities in #Linux Tuned daemon and the security risks they pose. https://t.co/HEFqbhUIqp
0
0
0
CVE-2024-52336 & CVE-2024-52337: Vulnerabilities in Linux Tuned Daemon https://t.co/EJ8DVGCRUl
0
0
0

Affected Software

No affected software found for this CVE

References

ReferenceLink
AF854A3A-2127-422B-91AE-364DA2661108https://security.opensuse.org/2024/11/26/tuned-instance-create.html
AF854A3A-2127-422B-91AE-364DA2661108https://www.openwall.com/lists/oss-security/2024/11/28/2
[email protected]https://access.redhat.com/errata/RHSA-2024:10381
[email protected]https://access.redhat.com/errata/RHSA-2024:10384
[email protected]https://access.redhat.com/errata/RHSA-2024:11161
[email protected]https://access.redhat.com/security/cve/CVE-2024-52337
[email protected]https://bugzilla.redhat.com/show_bug.cgi?id=2324541
[email protected]https://security.opensuse.org/2024/11/26/tuned-instance-create.html
[email protected]https://www.openwall.com/lists/oss-security/2024/11/28/1
AF854A3A-2127-422B-91AE-364DA2661108https://security.opensuse.org/2024/11/26/tuned-instance-create.html
AF854A3A-2127-422B-91AE-364DA2661108https://www.openwall.com/lists/oss-security/2024/11/28/2
[email protected]https://access.redhat.com/errata/RHSA-2024:10381
[email protected]https://access.redhat.com/errata/RHSA-2024:10384
[email protected]https://access.redhat.com/errata/RHSA-2024:11161
[email protected]https://access.redhat.com/errata/RHSA-2025:0195
[email protected]https://access.redhat.com/security/cve/CVE-2024-52337
[email protected]https://bugzilla.redhat.com/show_bug.cgi?id=2324541
[email protected]https://security.opensuse.org/2024/11/26/tuned-instance-create.html
[email protected]https://www.openwall.com/lists/oss-security/2024/11/28/1
AF854A3A-2127-422B-91AE-364DA2661108https://security.opensuse.org/2024/11/26/tuned-instance-create.html
AF854A3A-2127-422B-91AE-364DA2661108https://www.openwall.com/lists/oss-security/2024/11/28/2
[email protected]https://access.redhat.com/errata/RHSA-2024:10381
[email protected]https://access.redhat.com/errata/RHSA-2024:10384
[email protected]https://access.redhat.com/errata/RHSA-2024:11161
[email protected]https://access.redhat.com/errata/RHSA-2025:0195
[email protected]https://access.redhat.com/errata/RHSA-2025:0327
[email protected]https://access.redhat.com/security/cve/CVE-2024-52337
[email protected]https://bugzilla.redhat.com/show_bug.cgi?id=2324541
[email protected]https://security.opensuse.org/2024/11/26/tuned-instance-create.html
[email protected]https://www.openwall.com/lists/oss-security/2024/11/28/1
AF854A3A-2127-422B-91AE-364DA2661108https://security.opensuse.org/2024/11/26/tuned-instance-create.html
AF854A3A-2127-422B-91AE-364DA2661108https://www.openwall.com/lists/oss-security/2024/11/28/2
[email protected]https://access.redhat.com/errata/RHSA-2024:10381
[email protected]https://access.redhat.com/errata/RHSA-2024:10384
[email protected]https://access.redhat.com/errata/RHSA-2024:11161
[email protected]https://access.redhat.com/errata/RHSA-2025:0195
[email protected]https://access.redhat.com/errata/RHSA-2025:0327
[email protected]https://access.redhat.com/errata/RHSA-2025:0368
[email protected]https://access.redhat.com/security/cve/CVE-2024-52337
[email protected]https://bugzilla.redhat.com/show_bug.cgi?id=2324541
[email protected]https://security.opensuse.org/2024/11/26/tuned-instance-create.html
[email protected]https://www.openwall.com/lists/oss-security/2024/11/28/1
RHBZ#2324541https://bugzilla.redhat.com/show_bug.cgi?id=2324541
RHSA-2024:10381https://access.redhat.com/errata/RHSA-2024:10381
RHSA-2024:10384https://access.redhat.com/errata/RHSA-2024:10384
RHSA-2024:11161https://access.redhat.com/errata/RHSA-2024:11161
RHSA-2025:0195https://access.redhat.com/errata/RHSA-2025:0195
RHSA-2025:0327https://access.redhat.com/errata/RHSA-2025:0327
RHSA-2025:0368https://access.redhat.com/errata/RHSA-2025:0368
RHBZ#2324541https://bugzilla.redhat.com/show_bug.cgi?id=2324541
RHSA-2024:10381https://access.redhat.com/errata/RHSA-2024:10381
RHSA-2024:10384https://access.redhat.com/errata/RHSA-2024:10384
RHSA-2024:11161https://access.redhat.com/errata/RHSA-2024:11161
RHSA-2025:0195https://access.redhat.com/errata/RHSA-2025:0195
RHSA-2025:0327https://access.redhat.com/errata/RHSA-2025:0327
RHSA-2025:0368https://access.redhat.com/errata/RHSA-2025:0368
RHSA-2025:0879https://access.redhat.com/errata/RHSA-2025:0879
RHSA-2025:0880https://access.redhat.com/errata/RHSA-2025:0880
RHSA-2025:0881https://access.redhat.com/errata/RHSA-2025:0881
AF854A3A-2127-422B-91AE-364DA2661108https://security.opensuse.org/2024/11/26/tuned-instance-create.html
AF854A3A-2127-422B-91AE-364DA2661108https://www.openwall.com/lists/oss-security/2024/11/28/2
[email protected]https://access.redhat.com/errata/RHSA-2024:10381
[email protected]https://access.redhat.com/errata/RHSA-2024:10384
[email protected]https://access.redhat.com/errata/RHSA-2024:11161
[email protected]https://access.redhat.com/errata/RHSA-2025:0195
[email protected]https://access.redhat.com/errata/RHSA-2025:0327
[email protected]https://access.redhat.com/errata/RHSA-2025:0368
[email protected]https://access.redhat.com/errata/RHSA-2025:0879
[email protected]https://access.redhat.com/errata/RHSA-2025:0880
[email protected]https://access.redhat.com/errata/RHSA-2025:0881
[email protected]https://access.redhat.com/security/cve/CVE-2024-52337
[email protected]https://bugzilla.redhat.com/show_bug.cgi?id=2324541
[email protected]https://security.opensuse.org/2024/11/26/tuned-instance-create.html
[email protected]https://www.openwall.com/lists/oss-security/2024/11/28/1
RHBZ#2324541https://bugzilla.redhat.com/show_bug.cgi?id=2324541
RHSA-2024:10381https://access.redhat.com/errata/RHSA-2024:10381
RHSA-2024:10384https://access.redhat.com/errata/RHSA-2024:10384
RHSA-2024:11161https://access.redhat.com/errata/RHSA-2024:11161
RHSA-2025:0195https://access.redhat.com/errata/RHSA-2025:0195
RHSA-2025:0327https://access.redhat.com/errata/RHSA-2025:0327
RHSA-2025:0368https://access.redhat.com/errata/RHSA-2025:0368
RHSA-2025:0879https://access.redhat.com/errata/RHSA-2025:0879
RHSA-2025:0880https://access.redhat.com/errata/RHSA-2025:0880
RHSA-2025:0881https://access.redhat.com/errata/RHSA-2025:0881
RHSA-2025:1785https://access.redhat.com/errata/RHSA-2025:1785
RHSA-2025:1802https://access.redhat.com/errata/RHSA-2025:1802
AF854A3A-2127-422B-91AE-364DA2661108https://security.opensuse.org/2024/11/26/tuned-instance-create.html
AF854A3A-2127-422B-91AE-364DA2661108https://www.openwall.com/lists/oss-security/2024/11/28/2
[email protected]https://access.redhat.com/errata/RHSA-2024:10381
[email protected]https://access.redhat.com/errata/RHSA-2024:10384
[email protected]https://access.redhat.com/errata/RHSA-2024:11161
[email protected]https://access.redhat.com/errata/RHSA-2025:0195
[email protected]https://access.redhat.com/errata/RHSA-2025:0327
[email protected]https://access.redhat.com/errata/RHSA-2025:0368
[email protected]https://access.redhat.com/errata/RHSA-2025:0879
[email protected]https://access.redhat.com/errata/RHSA-2025:0880
[email protected]https://access.redhat.com/errata/RHSA-2025:0881
[email protected]https://access.redhat.com/errata/RHSA-2025:1785
[email protected]https://access.redhat.com/errata/RHSA-2025:1802
[email protected]https://access.redhat.com/security/cve/CVE-2024-52337
[email protected]https://bugzilla.redhat.com/show_bug.cgi?id=2324541
[email protected]https://security.opensuse.org/2024/11/26/tuned-instance-create.html
[email protected]https://www.openwall.com/lists/oss-security/2024/11/28/1
GITHUBhttps://security.opensuse.org/2024/11/26/tuned-instance-create.html
GITHUBhttps://www.openwall.com/lists/oss-security/2024/11/28/1
RHBZ#2324541https://bugzilla.redhat.com/show_bug.cgi?id=2324541
RHSA-2024:10381https://access.redhat.com/errata/RHSA-2024:10381
RHSA-2024:10384https://access.redhat.com/errata/RHSA-2024:10384
RHSA-2024:11161https://access.redhat.com/errata/RHSA-2024:11161
RHSA-2025:0195https://access.redhat.com/errata/RHSA-2025:0195
RHSA-2025:0327https://access.redhat.com/errata/RHSA-2025:0327
RHSA-2025:0368https://access.redhat.com/errata/RHSA-2025:0368
RHSA-2025:0879https://access.redhat.com/errata/RHSA-2025:0879
RHSA-2025:0880https://access.redhat.com/errata/RHSA-2025:0880
RHSA-2025:0881https://access.redhat.com/errata/RHSA-2025:0881
RHSA-2025:1785https://access.redhat.com/errata/RHSA-2025:1785
RHSA-2025:1802https://access.redhat.com/errata/RHSA-2025:1802

CWE Details

CWE IDCWE NameDescription
CWE-20Improper Input ValidationThe product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CVE Radar

Real-time CVE Intelligence & Vulnerability Management Platform

CVE Radar provides comprehensive vulnerability intelligence by monitoring CVE databases, security advisories, and threat feeds. Get instant updates on new vulnerabilities, exploit details, and mitigation strategies specific to your assets.

Get Free Vulnerability Intelligence AccessAccess real-time CVE monitoring, exploit analysis, and threat intelligence