CVE & CISA-KEV Catalog

CVE-2024-9050

HIGH
7.8
CVSS v3
NVD

Description

A flaw was found in the libreswan client plugin for NetworkManager (NetkworkManager-libreswan), where it fails to properly sanitize the VPN configuration from the local unprivileged user. In this configuration, composed by a key-value format, the plugin fails to escape special characters, leading the application to interpret values as keys. One of the most critical parameters that could be abused by a malicious user is the `leftupdown`key. This key takes an executable command as a value and is used to specify what executes as a callback in NetworkManager-libreswan to retrieve configuration settings back to NetworkManager. As NetworkManager uses Polkit to allow an unprivileged user to control the system's network configuration, a malicious actor could achieve local privilege escalation and potential code execution as root in the targeted machine by creating a malicious configuration.

How to fix

Remediation Available
NetworkManager-libreswanRed Hat / RHEL
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9.ppc64RHSA-2024:8357
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
NetworkManager-libreswanRocky
Fixed in:0:1.2.4-4.el7_9.ppc64RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
NetworkManager-libreswan-debuginfoRocky
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9.ppc64RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
NetworkManager-libreswan-debuginfoRed Hat / RHEL
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_9.ppc64RHSA-2024:8357
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
NetworkManager-libreswan-debugsourceRed Hat / RHEL
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
NetworkManager-libreswan-debugsourceRocky
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
NetworkManager-libreswan-gnomeRocky
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9.ppc64RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
NetworkManager-libreswan-gnomeRed Hat / RHEL
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_9.ppc64RHSA-2024:8357
Fixed in:0:1.2.4-4.el7_7RHSA-2024:8338
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
NetworkManager-libreswan-gnome-debuginfoRocky
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
NetworkManager-libreswan-gnome-debuginfoRed Hat / RHEL
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_4RHSA-2024:8355
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_2RHSA-2024:8358
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-7.el8_10RHSA-2024:8353
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_8RHSA-2024:8354
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.10-6.el8_6RHSA-2024:8356
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.18-6.el9_4RHSA-2024:9556
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-6.el9_2RHSA-2024:8352
Fixed in:0:1.2.22-4.el9_5RHSA-2024:9555
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312
Fixed in:0:1.2.14-3.el9_0RHSA-2024:8312

Remediation is compiled from vendor and distribution security advisories. Always confirm against the linked source for your exact version and platform.

CVSS v3 Vector

Exploitability

Attack VectorLocal
Attack ComplexityLow
Privileges RequiredLow
User InteractionNone
ScopeUnchanged

Impact

ConfidentialityHigh
IntegrityHigh
AvailabilityHigh

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploit Intelligence

0.45%probability of exploitation in 30 days
36thpercentile

Low risk: more likely to be exploited than 36% of all known CVEs.

References

Related Vulnerabilities

Other CWE-94 (Code Injection) vulnerabilities, ordered by exploit likelihood. View all

CVESeverityCVSSEPSSExploitedFix
CVE-2017-9841Critical9.8100%KEVFix
CVE-2015-1635Critical9.8100%KEV-
CVE-2022-22954Critical9.8100%KEV + Ransom-
CVE-2021-22204Medium6.8100%KEVFix
CVE-2025-3248Critical9.8100%KEVFix
CVE-2012-0158High8.8100%KEV-
Embed a live status badge for CVE-2024-9050
CVE-2024-9050 severity badge

Markdown

[![CVE-2024-9050](https://tridentstack.com/cve/badge/CVE-2024-9050.svg)](https://tridentstack.com/cve/CVE-2024-9050)

HTML

<a href="https://tridentstack.com/cve/CVE-2024-9050"><img src="https://tridentstack.com/cve/badge/CVE-2024-9050.svg" alt="CVE-2024-9050"></a>

Find and fix vulnerabilities across your fleet

TridentStack Control continuously scans your Windows, macOS, and Linux fleet for known vulnerabilities, prioritizes them by severity and active exploitation, and patches them automatically.

Start free

This product uses NVD data but is not endorsed or certified by the NVD. EPSS scores courtesy of FIRST.org (https://www.first.org/epss). Source: CISA KEV Catalog. Data as of 2026-06-26.