Description

There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPC_ARG_TCP_TX_ZEROCOPY_ENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network thus leading the receiver to receive an incorrect set of bytes causing RPC requests to fail. We recommend upgrading past commit e9046b2bbebc0cb7f5dc42008f807f6c7e98e791

INFO

Published Date :

2024-11-26T16:59:49.718Z

Last Modified :

2024-11-26T21:04:58.031Z

Source :

Google
AFFECTED PRODUCTS

The following products are affected by CVE-2024-11407 vulnerability.

Vendors Products
Grpc
  • Grpc
Redhat
  • Ansible Automation Platform
  • Satellite
  • Satellite Capsule
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-11407.

URL Resource
https://github.com/grpc/grpc/commit/e9046b2bbebc0cb7f5dc42008f807f6c7e98e791 cve-icon cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2024-11407 cve-icon
https://www.cve.org/CVERecord?id=CVE-2024-11407 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability
Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact