CVE-2024-34244

CVE-2024-34244

Name

CVE-2024-34244

Description

libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
cve@mitre.org	https://github.com/stephane/libmodbus/issues/743

Type

URI

cve@mitre.org

https://github.com/stephane/libmodbus/issues/743

CPE URI	Source package	Min version	Max version
	n/a	== n/a	== n/a
`cpe:2.3:a:libmodbus:libmodbus:3.1.10:::::::*`	libmodbus	== None	== 3.1.10

CPE URI

Source package

Min version

Max version

n/a

== n/a

cpe:2.3:a:libmodbus:libmodbus:3.1.10:*:*:*:*:*:*:*

libmodbus

== None

== 3.1.10

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
libmodbus	edge-community	3.1.10-r0	Oz Tiram <oz.tiram@gmail.com>	possibly vulnerable
libmodbus	3.23-community	3.1.10-r0	Oz Tiram <oz.tiram@gmail.com>	possibly vulnerable
libmodbus	3.22-community	3.1.10-r0	Oz Tiram <oz.tiram@gmail.com>	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

libmodbus

edge-community

3.1.10-r0

Oz Tiram <oz.tiram@gmail.com>

possibly vulnerable

libmodbus

3.23-community