CVE-2024-10918

Name

CVE-2024-10918

Description

Stack-based Buffer Overflow vulnerability in libmodbus v3.1.10 allows to overflow the buffer allocated for the Modbus response if the function tries to reply to a Modbus request with an unexpected length.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
prodsec@nozominetworks.com	https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-10918
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/03/msg00010.html

Source package	Branch	Version	Maintainer	Status
libmodbus	edge-community	3.1.10-r0	Oz Tiram <oz.tiram@gmail.com>	possibly vulnerable
libmodbus	3.22-community	3.1.10-r0	Oz Tiram <oz.tiram@gmail.com>	possibly vulnerable

References

Match rules

Vulnerable and fixed packages