CVE-2024-26190

CVE-2024-26190

Name

CVE-2024-26190

Description

Microsoft QUIC Denial of Service Vulnerability

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vendor-advisory	https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190

Type

URI

vendor-advisory

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-26190

Match rules

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:microsoft:visual_studio:2022:::::::*`	visual-studio	>= 17.0	< 17.9.3
`cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:::::::*`	windows-server-2022	>= 10.0.0	< 10.0.20348.2340
`cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:::::::*`	windows-server-2022	>= 10.0.0	< 10.0.20348.2333
`cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836::::::x64:`	windows-11-21h2	>= 10.0.0	< 10.0.22000.2836
`cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296::::::arm64:`	windows-11-22h2	>= 10.0.0	< 10.0.22621.3296
`cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296::::::arm64:`	windows-11-23h2	>= 10.0.0	< 10.0.22631.3296
`cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296::::::x64:`	windows-11-23h2	>= 10.0.0	< 10.0.22631.3296
`cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.763:::::::*`	windows-server-23h2	>= 10.0.0	< 10.0.25398.763
`cpe:2.3:a:microsoft:powershell:7.3:-::::::`	powershell	>= 7.3.0	< 7.3.12
`cpe:2.3:a:microsoft:powershell:7.4:-::::::`	powershell	>= 7.4.0	< 7.4.2
`cpe:2.3:a:microsoft:visual_studio_2022:17.4:::::::*`	visual-studio-2022	>= 17.4.0	< 17.4.17
`cpe:2.3:a:microsoft:visual_studio:2022:::::::*`	visual-studio	>= 17.6.0	< 17.6.13
`cpe:2.3:a:microsoft:visual_studio:2022:::::::*`	visual-studio	>= 17.8.0	< 17.8.8
`cpe:2.3:a:microsoft:.net:7.0.0:::::::*`	.net	>= 7.0.0	< 7.0.17
`cpe:2.3:a:microsoft:.net:8.0.0:::::::*`	.net	>= 1.0.0	< 8.0.3
`cpe:2.3:a:microsoft:.net::::::::`	.net	>= 8.0.0	< 8.0.3
`cpe:2.3:a:microsoft:powershell::::::::`	powershell	>= 7.3	< 7.3.12
`cpe:2.3:a:microsoft:powershell::::::::`	powershell	>= 7.4	< 7.4.2
`cpe:2.3:a:microsoft:visual_studio_2022::::::::`	visual_studio_2022	>= 17.4.0	< 17.4.17
`cpe:2.3:a:microsoft:visual_studio_2022::::::::`	visual_studio_2022	>= 17.6.0	< 17.6.13
`cpe:2.3:a:microsoft:visual_studio_2022::::::::`	visual_studio_2022	>= 17.8.0	< 17.8.8
`cpe:2.3:a:microsoft:visual_studio_2022::::::::`	visual_studio_2022	>= 17.9.0	< 17.9.3
`cpe:2.3:o:microsoft:windows_11_21h2::::::::`	windows_11_21h2	>= None	< 10.0.22000.2836
`cpe:2.3:o:microsoft:windows_11_22h2::::::::`	windows_11_22h2	>= None	< 10.0.22621.3296
`cpe:2.3:o:microsoft:windows_11_23h2::::::::`	windows_11_23h2	>= None	< 10.0.22631.3296
`cpe:2.3:o:microsoft:windows_server_2022::::::::`	windows_server_2022	>= None	< 10.0.20348.2340
`cpe:2.3:o:microsoft:windows_server_2022_23h2::::::::`	windows_server_2022_23h2	>= None	< 10.0.25398.763

CPE URI

Source package

Min version

Max version

cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*

visual-studio

>= 17.0

< 17.9.3

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:*:*:*:*:*:*:*

windows-server-2022

>= 10.0.0

< 10.0.20348.2340

cpe:2.3:o:microsoft:windows_server_2022:10.0.20348.2340:*:*:*:*:*:*:*

windows-server-2022

>= 10.0.0

< 10.0.20348.2333

cpe:2.3:o:microsoft:windows_11_21H2:10.0.22000.2836:*:*:*:*:*:x64:*

windows-11-21h2

>= 10.0.0

< 10.0.22000.2836

cpe:2.3:o:microsoft:windows_11_22H2:10.0.22621.3296:*:*:*:*:*:arm64:*

windows-11-22h2

>= 10.0.0

< 10.0.22621.3296

cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:arm64:*

windows-11-23h2

>= 10.0.0

< 10.0.22631.3296

cpe:2.3:o:microsoft:windows_11_23H2:10.0.22631.3296:*:*:*:*:*:x64:*

windows-11-23h2

>= 10.0.0

< 10.0.22631.3296

cpe:2.3:o:microsoft:windows_server_23h2:10.0.25398.763:*:*:*:*:*:*:*

windows-server-23h2

>= 10.0.0

< 10.0.25398.763

cpe:2.3:a:microsoft:powershell:7.3:-:*:*:*:*:*:*

powershell

>= 7.3.0

< 7.3.12

cpe:2.3:a:microsoft:powershell:7.4:-:*:*:*:*:*:*

powershell

>= 7.4.0

< 7.4.2

cpe:2.3:a:microsoft:visual_studio_2022:17.4:*:*:*:*:*:*:*

visual-studio-2022

>= 17.4.0

< 17.4.17

cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*

visual-studio

>= 17.6.0

< 17.6.13

cpe:2.3:a:microsoft:visual_studio:2022:*:*:*:*:*:*:*

visual-studio

>= 17.8.0

< 17.8.8

cpe:2.3:a:microsoft:.net:7.0.0:*:*:*:*:*:*:*

.net

>= 7.0.0

< 7.0.17

cpe:2.3:a:microsoft:.net:8.0.0:*:*:*:*:*:*:*

.net

>= 1.0.0

< 8.0.3

cpe:2.3:a:microsoft:.net:*:*:*:*:*:*:*:*

.net

>= 8.0.0

< 8.0.3

cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*

powershell

>= 7.3

< 7.3.12

cpe:2.3:a:microsoft:powershell:*:*:*:*:*:*:*:*

powershell

>= 7.4

< 7.4.2

cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

visual_studio_2022

>= 17.4.0

< 17.4.17

cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

visual_studio_2022

>= 17.6.0

< 17.6.13

cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

visual_studio_2022

>= 17.8.0

< 17.8.8

cpe:2.3:a:microsoft:visual_studio_2022:*:*:*:*:*:*:*:*

visual_studio_2022

>= 17.9.0

< 17.9.3

cpe:2.3:o:microsoft:windows_11_21h2:*:*:*:*:*:*:*:*

windows_11_21h2

>= None

< 10.0.22000.2836

cpe:2.3:o:microsoft:windows_11_22h2:*:*:*:*:*:*:*:*

windows_11_22h2

>= None

< 10.0.22621.3296

cpe:2.3:o:microsoft:windows_11_23h2:*:*:*:*:*:*:*:*

windows_11_23h2

>= None

< 10.0.22631.3296

cpe:2.3:o:microsoft:windows_server_2022:*:*:*:*:*:*:*:*

windows_server_2022

>= None

< 10.0.20348.2340

cpe:2.3:o:microsoft:windows_server_2022_23h2:*:*:*:*:*:*:*:*

windows_server_2022_23h2

>= None

< 10.0.25398.763

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
powershell	edge-community	7.3.10-r0	Antoine Martin (ayakael) <dev@ayakael.net>	possibly vulnerable
powershell	3.22-community	7.3.10-r0	None	possibly vulnerable
dotnet8-runtime	edge-community	8.0.3-r0	Antoine Martin (ayakael) <dev@ayakael.net>	fixed
dotnet8-runtime	3.22-community	8.0.3-r0	None	fixed
dotnet8-runtime	3.21-community	8.0.3-r0	None	fixed
dotnet8-runtime	3.20-community	8.0.3-r0	None	fixed
dotnet7-runtime	3.19-community	7.0.17-r0	Antoine Martin (ayakael) <dev@ayakael.net>	fixed
dotnet7-build	3.19-community	7.0.117-r0	Antoine Martin (ayakael) <dev@ayakael.net>	fixed

Source package

Branch

Version

Maintainer

Status

powershell

edge-community

7.3.10-r0

Antoine Martin (ayakael) <dev@ayakael.net>

possibly vulnerable

powershell

3.22-community