Vulnerability Description
A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over localhost to port 8953, it can alter the configuration of unbound.service. This flaw allows an unprivileged attacker to manipulate a running instance, potentially altering forwarders, allowing them to track all queries forwarded by the local resolver, and, in some cases, disrupting resolving altogether.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Fedoraproject | Unbound | < 1.19.1-2.fc40 |
| Redhat | Codeready Linux Builder | 9.0 |
| Redhat | Codeready Linux Builder Eus | 9.2 |
| Redhat | Codeready Linux Builder Eus For Power Little Endian | 9.0_ppc64le |
| Redhat | Codeready Linux Builder For Arm64 | 9.0_aarch64 |
| Redhat | Codeready Linux Builder For Arm64 Eus | 9.4_aarch64 |
| Redhat | Codeready Linux Builder For Ibm Z Systems | 9.0_s390x |
| Redhat | Codeready Linux Builder For Ibm Z Systems Eus | 9.4_s390x |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux Eus | 8.6 |
| Redhat | Enterprise Linux For Arm 64 | 8.0_aarch64 |
| Redhat | Enterprise Linux For Arm 64 Eus | 8.6_aarch64 |
| Redhat | Enterprise Linux For Ibm Z Systems | 8.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 8.6_s390x |
| Redhat | Enterprise Linux For Power Little Endian | 8.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Eus | 8.6_ppc64le |
| Redhat | Enterprise Linux Server Aus | 8.2 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 8.2_ppc64le |
| Redhat | Enterprise Linux Server Tus | 8.2 |
Related Weaknesses (CWE)
References
- https://access.redhat.com/errata/RHSA-2024:1750Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1751Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1780Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1801Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1802Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1804Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:2587Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:2696Third Party Advisory
- https://access.redhat.com/errata/RHSA-2025:0837
- https://access.redhat.com/security/cve/CVE-2024-1488Third Party Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2264183Issue TrackingPatch
- https://access.redhat.com/errata/RHSA-2024:1750Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1751Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1780Third Party Advisory
- https://access.redhat.com/errata/RHSA-2024:1801Third Party Advisory
FAQ
What is CVE-2024-1488?
CVE-2024-1488 is a vulnerability with a CVSS score of 8.0 (HIGH). A vulnerability was found in Unbound due to incorrect default permissions, allowing any process outside the unbound group to modify the unbound runtime configuration. If a process can connect over loc...
How severe is CVE-2024-1488?
CVE-2024-1488 has been rated HIGH with a CVSS base score of 8.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2024-1488?
Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Unbound, Redhat Codeready Linux Builder, Redhat Codeready Linux Builder Eus, Redhat Codeready Linux Builder Eus For Power Little Endian, Redhat Codeready Linux Builder For Arm64.