CVE-2024-6126

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-6126

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-6126.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2024-6126

Related

Published

2024-07-03T15:15:06Z

Modified

2024-11-12T15:46:22.010347Z

Summary

[none]

Details

A flaw was found in the cockpit package. This flaw allows an authenticated user to kill any process when enabling the pamenv's userreadenv option, which leads to a denial of service (DoS) attack.

References

Affected packages

Debian:11 / cockpit

Package

Name: cockpit
Purl: pkg:deb/debian/cockpit?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

Other

239-1

243-1

243-2

244-1

248-1

249-1

250-1

251-1~bpo10+1

251-1

251-2

252-1

254-1~bpo10+1

254-1

255-1

256-1~bpo11+1

256-1

257-1~bpo11+1

257-1

258-1

259-1~bpo11+1

259-1

259-2

260-1~bpo11+1

260-1

261-1~bpo11+1

261-1

262-1

263-1

264-1

265-1~bpo11+1

265-1

266-1~bpo11+1

266-1

267-1

269-1

271-1~bpo11+1

271-1

272-1~bpo11+1

272-1

273-1~bpo11+1

273-1

274-1

276-1

277-1

278-1

279-1~bpo11+1

279-1

280-1

282-1~bpo11+1

282-1

283-1~bpo11+1

283-1

284-1~bpo11+1

284-1

285-1~bpo11+1

285-1

286-1~bpo11+1

286-1

287-1~bpo11+1

287-1

289-1

290-1

291-1

292-1

293-1

294-1

295-1

296-1

297-1~bpo12+1

297-1

298-1

299-1~bpo12+1

299-1

300-1

301-1~bpo12+1

301-1

302-1

303-1~bpo12+1

303-1

304-1

305-1~bpo12+1

305-1

306-1~bpo12+1

306-1

307-1~bpo12+1

307-1

308-1~bpo12+1

308-1

309-1~bpo12+1

309-1

310-1

311-1~bpo12+1

311-1

312-1

313-1

314-1

316-1

317-1

317-2

317-3

317-4

317-5

318-1

318-2

318-3

318-4~bpo12+1

318-4

319-1~bpo12+1

319-1

320-1~bpo12+1

320-1

321-1

322-1~bpo12+1

322-1

323-1~bpo12+1

323-1

324-1~bpo12+1

324-1

325-1~bpo12+1

325-1

326-1

327-1~bpo12+1

327-1

328-1

276.*

276.1-1~bpo11+1

276.1-1

288.*

288.1-1

294.*

294.1-1

300.*

300.1-1~bpo12+1

300.1-1

310.*

310.1-1~bpo12+1

310.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / cockpit

Package

Name: cockpit
Purl: pkg:deb/debian/cockpit?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

287.1-0+deb12u3

Affected versions

Other

287-1

287.*

287.1-0+deb12u1

287.1-0+deb12u2

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / cockpit

Package

Name: cockpit
Purl: pkg:deb/debian/cockpit?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

320-1

Affected versions

Other

287-1

289-1

290-1

291-1

292-1

293-1

294-1

295-1

296-1

297-1~bpo12+1

297-1

298-1

299-1~bpo12+1

299-1

300-1

301-1~bpo12+1

301-1

302-1

303-1~bpo12+1

303-1

304-1

305-1~bpo12+1

305-1

306-1~bpo12+1

306-1

307-1~bpo12+1

307-1

308-1~bpo12+1

308-1

309-1~bpo12+1

309-1

310-1

311-1~bpo12+1

311-1

312-1

313-1

314-1

316-1

317-1

317-2

317-3

317-4

317-5

318-1

318-2

318-3

318-4~bpo12+1

318-4

319-1~bpo12+1

319-1

320-1~bpo12+1

288.*

288.1-1

294.*

294.1-1

300.*

300.1-1~bpo12+1

300.1-1

310.*

310.1-1~bpo12+1

310.1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}