PT-2024-4044 · Unknown+11 · Archive/Zip+11

Ouuan

+1

·

Published

2024-06-04

·

Updated

2025-05-26

·

CVE-2024-24789

CVSS v3.1

5.5

Medium

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions archive/zip package (affected versions not specified)
Description The archive/zip package's handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create a zip file with contents that vary depending on the implementation reading the file. The issue is related to the incorrect handling of zip files, which could allow an attacker to create an arbitrary zip file.
Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-20CWE-200

Related Identifiers

ALSA-2024:4212
ALSA-2024:4237
ALSA-2024:5258
ALSA-2024:5291
ALSA-2024:9115
ALT-PU-2024-11781
ALT-PU-2024-11872
ALT-PU-2024-13971
ALT-PU-2024-8797
ALT-PU-2024-8801
ALT-PU-2024-9856
AZL-42389
AZL-42412
AZL-42415
AZL-52663
AZL-79044
BDU:2024-04485
BIT-GOLANG-2024-24789
CESA-2024_4237
CESA-2024_5258
CESA-2024_5291
CVE-2024-24789
GHSA-236W-P7WF-5PH8
GO-2024-2888
INFSA-2024_4212
INFSA-2024_4237
INFSA-2024_5258
INFSA-2024_5291
INFSA-2024_9102
INFSA-2024_9115
MGASA-2024-0217
OESA-2024-1769
OESA-2024-1771
OESA-2024-1772
OESA-2024-1791
OPENSUSE-SU-2024:14020-1
OPENSUSE-SU-2024:14023-1
OPENSUSE-SU-2024:14050-1
OPENSUSE-SU-2024_1970-1
OPENSUSE-SU-2024_3089-1
OPENSUSE-SU-2024_3755-1
RHSA-2024:3722
RHSA-2024:4212
RHSA-2024:4237
RHSA-2024:4867
RHSA-2024:5258
RHSA-2024:5291
RHSA-2024:9102
RHSA-2024:9115
RHSA-2024_4212
RHSA-2024_4237
RHSA-2024_5258
RHSA-2024_5291
RHSA-2024_9102
RHSA-2024_9115
RLSA-2024:4212
RLSA-2024:5258
RLSA-2024:9102
SUSE-SU-2024:1935-1
SUSE-SU-2024:1936-1
SUSE-SU-2024:1969-1
SUSE-SU-2024:1970-1
SUSE-SU-2024:3089-1
SUSE-SU-2024:3360-1
SUSE-SU-2024:3755-1
SUSE-SU-2024:3772-1
SUSE-SU-2024:3938-1
SUSE-SU-2024_1935-1
SUSE-SU-2024_1936-1
SUSE-SU-2024_1969-1
SUSE-SU-2024_1970-1
SUSE-SU-2024_3360-1
USN-6886-1
USN-7109-1
USN-7111-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Debian
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Archive/Zip