CVE-2024-54129

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2024-54129

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-54129.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-54129

Aliases

GHSA-393w-w6jh-pq3j

Published

2024-12-05T15:13:53.901Z

Modified

2026-04-10T05:19:04.495909Z

Severity

9.2 (Critical) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H CVSS Calculator

Summary

Improper Initialization of `imc` Scheme Leading to `SIGABRT` in ION-DTN BPv7

Details

The NASA’s Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A vulnerability exists in the version ION-DTN BPv7 implementation version 4.1.3 when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part (SSP) in their Previous Node Block. The vulnerability can cause ION to become unresponsive. This vulnerability is fixed in 4.1.3s.

Database specific

{
    "cwe_ids": [
        "CWE-665"
    ],
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/54xxx/CVE-2024-54129.json",
    "cna_assigner": "GitHub_M"
}

References

Affected packages

Git / github.com/nasa-jpl/ion-dtn

Affected ranges

Type

GIT

Repo

https://github.com/nasa-jpl/ion-dtn

Events

Introduced

Fixed

236eec4f84c333b2886084f4b70435cb4b8e21b8

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "4.1.3s"
        }
    ]
}

Affected versions

IOS-4.*

IOS-4.1.1

ion-2.*

ion-2.1.0

ion-2.2.0

ion-2.2.1

ion-2.2.1b

ion-2.3.0

ion-2.4.0

ion-2.5.0

ion-3.*

ion-3.0.0

ion-3.1.0

ion-3.2.0

ion-3.3.0

ion-3.4.0

ion-3.5.0

ion-3.6.0

ion-4.*

ion-4.1.1-release

ion-open-source-4.*

ion-open-source-4.1.1

ion-open-source-4.1.2

ion-open-source-4.1.3

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-54129.json"