Vulnerability DatabaseCVE-2024-45491

CVE-2024-45491:
Bottlerocket vulnerability analysis and mitigation

Overview

An issue was discovered in libexpat before 2.6.3. The vulnerability involves an integer overflow condition in the dtdCopy function within xmlparse.c, specifically affecting nDefaultAtts on 32-bit platforms where UINTMAX equals SIZEMAX (NVD, Debian Tracker).

Technical details

The vulnerability is tracked as CVE-2024-45491 and has received a CVSS v3.1 Base Score of 9.8 (Critical) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. The issue specifically occurs in the dtdCopy function within xmlparse.c where an integer overflow can occur for nDefaultAtts parameter on 32-bit platforms with specific size constraints (NVD, NetApp Advisory).

Impact

Successful exploitation of this vulnerability could lead to multiple severe consequences including disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS). The critical CVSS score of 9.8 indicates the potential for high impact across confidentiality, integrity, and availability (NetApp Advisory).

Mitigation and workarounds

The vulnerability has been fixed in libexpat version 2.6.3. Users are advised to upgrade to this version or later to address the security issue. The fix was implemented through a patch that detects integer overflow in the dtdCopy function (GitHub PR).

Additional resources

Source: This report was generated using AI

9.8

Score

Published August 30, 2024

Severity CRITICAL

CNA Score 7.3

Affected Technologies

Bottlerocket
Rocky Linux

Has Public Exploit No

Has CISA KEV Exploit No

CISA KEV Release Date N/A

CISA KEV Due Date N/A

Exploitation Probability Percentile (EPSS) 25.7

Exploitation Probability (EPSS) 0.1

Sources

NVD
AlmaLinux Security Advisory
- AlmaLinux 8 Severity MEDIUMHas FixAdded at: Sep 26, 2024
- AlmaLinux 9 Severity MEDIUMHas FixAdded at: Sep 22, 2024
Alpine Security Tracker
- Alpine 3.17, 3.18, 3.19, 3.20, edge Severity CRITICALHas FixAdded at: Sep 05, 2024
- Alpine 3.21 Severity CRITICALHas FixAdded at: Dec 08, 2024
- Alpine 3.22 Severity CRITICALHas FixAdded at: Jun 01, 2025
Bottlerocket GitHub Security Advisories
- Bottlerocket Severity MEDIUMHas FixAdded at: Sep 15, 2024
CBL-Mariner
- CBL-Mariner 2.0 Severity CRITICALHas FixAdded at: Sep 15, 2024
- CBL-Mariner 3.0 Severity CRITICALHas FixAdded at: May 04, 2025
Container-Optimized OS Release Notes
- Container-Optimized OS Severity CRITICALHas FixAdded at: Sep 19, 2024
Debian Security Tracker
- Debian 11, 12, 13 Severity CRITICALHas FixAdded at: Sep 01, 2024
Gentoo Advisory Database
- Gentoo Severity HIGHHas FixAdded at: Jan 23, 2025
Photon Security Advisory
- Photon 3.0 Severity CRITICALHas FixAdded at: Sep 19, 2024
- Photon 4.0, 5.0 Severity CRITICALHas FixAdded at: Sep 05, 2024
Red Hat Errata
- Red Hat 6, 7 Severity MEDIUMNo FixAdded at: Sep 05, 2024
- Red Hat 8 Severity MEDIUMHas FixAdded at: Sep 08, 2024
- Red Hat 9 Severity MEDIUMHas FixAdded at: Sep 08, 2024
Rocky Linux Product Errata
- Rocky 8 Severity MEDIUMHas FixAdded at: Oct 01, 2024
- Rocky 9 Severity MEDIUMHas FixAdded at: Oct 03, 2024
Ubuntu Security Tracker
- Ubuntu 14.04, 16.04, 18.04, 22.04, 24.04 Severity MEDIUMHas FixAdded at: Sep 08, 2024
- Ubuntu 20.04 Severity MEDIUMHas FixAdded at: Sep 05, 2024
- Ubuntu 24.10 Severity MEDIUMHas FixAdded at: Dec 10, 2024
- Ubuntu 25.04 Severity MEDIUMHas FixAdded at: May 08, 2025