CVE-2024-52337

EUVD-2024-46269

26.11.2024, 16:15

A log spoofing flaw was found in the Tuned package due to improper sanitization of some API arguments. This flaw allows an attacker to pass a controlled sequence of characters; newlines can be inserted into the log. Instead of the 'evil' the attacker could mimic a valid TuneD log line and trick the administrator. The quotes '' are usually used in TuneD logs citing raw user input, so there will always be the ' character ending the spoofed input, and the administrator can easily overlook this. This logged string is later used in logging and in the output of utilities, for example, `tuned-adm get_instances` or other third-party programs that use Tuned's D-Bus interface for such operations.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	5.5 MEDIUM	LOCAL	LOW	LOW	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Awaiting analysis

This vulnerability is currently awaiting analysis.

Base Score

CVSS 3.x

EPSS Score

Percentile: 10%

Debian Releases

Debian Product

Codename

tuned

bookworm	2.20.0-1 not-affected
bullseye	2.15.0-1 not-affected
forky	2.26.0-1 fixed
sid	2.26.0-1 fixed
trixie	2.25.1-1 fixed

Ubuntu Releases

Ubuntu Product

Codename

tuned

bionic	needs-triage
focal	needs-triage
jammy	needs-triage
noble	needs-triage
oracular	ignored
plucky	needs-triage
questing	needs-triage

Red Hat Enterprise Linux Releases

Red Hat Product

Release

tuned

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-gtk

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-ppd

RHEL 9

0:2.24.0-2.el9_5

fixed

tuned-profiles-atomic

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-compat

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed

tuned-profiles-cpu-partitioning

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-mssql

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-nfv

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-nfv-guest

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-nfv-host

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-oracle

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-postgresql

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-realtime

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-sap

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-sap-hana

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-profiles-spectrumscale

RHEL 9

0:2.24.0-2.el9_5

fixed

tuned-utils

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed
RHEL 9	0:2.24.0-2.el9_5 fixed

tuned-utils-systemtap

RHEL 8	0:2.22.1-5.el8_10 fixed
RHEL 8.4 AUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 E4S	0:2.20.0-1.el8_4.2 fixed
RHEL 8.4 TUS	0:2.20.0-1.el8_4.2 fixed
RHEL 8.6 AUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 E4S	0:2.20.0-1.el8_6.2 fixed
RHEL 8.6 TUS	0:2.20.0-1.el8_6.2 fixed
RHEL 8.8 AUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 E4S	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 EUS	0:2.20.0-2.el8_8.1 fixed
RHEL 8.8 TUS	0:2.20.0-2.el8_8.1 fixed