PT-2024-3009 · Uamqp+2

Ericwolz · Published 2024-02-10 · Updated 2025-02-14 · CVE-2024-27099

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: uAMQP (affected versions not specified)

Description: The uAMQP library, used for AMQP 1.0 communication with Azure Cloud Services, incorrectly processes an AMQP VALUE failed state, which may cause a double free. A remote attacker can potentially use this issue to execute arbitrary code, resulting in remote code execution (RCE).

Recommendations: Update the submodule to include commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987 to resolve the issue. As a temporary workaround, consider restricting the use of the AMQP VALUE processing functionality until the update is applied.

Exploit · Fix · RCE · Double Free

Related Identifiers

AZL-35447
AZL-35471
BDU:2024-03191
CVE-2024-27099
GHSA-6RH4-FJ44-V4JJ
OPENSUSE-SU-2024:13729-1
SUSE-SU-2024:0947-1
SUSE-SU-2024_0947-1

Affected Products

Debian
Suse
Uamqp