CVE-2024-28084 - Vulnerability Details - OpenCVE

p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact partial

Vendors	Products
Fedoraproject	Fedora
Intel	Inet Wireless Daemon

Configuration 1 [-]

cpe:2.3:a:intel:inet_wireless_daemon:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:fedoraproject:fedora:39:::::::*
	cpe:2.3:o:fedoraproject:fedora:40:::::::*

No data.

References

Link	Providers
https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d
https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/

History

Thu, 27 Mar 2025 21:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Wed, 08 Jan 2025 16:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Fedoraproject Fedoraproject fedora Intel Intel inet Wireless Daemon
Weaknesses		CWE-665
CPEs		cpe:2.3:a:intel:inet_wireless_daemon:::::::: cpe:2.3:o:fedoraproject:fedora:39:::::::* cpe:2.3:o:fedoraproject:fedora:40:::::::*
Vendors & Products		Fedoraproject Fedoraproject fedora Intel Intel inet Wireless Daemon
Metrics		cvssV3_1 `{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}`

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-03-03T00:00:00.000Z

Updated: 2025-03-27T20:15:46.086Z

Reserved: 2024-03-03T00:00:00.000Z

Link: CVE-2024-28084

Vulnrichment

Updated: 2024-08-02T00:48:48.206Z

NVD

Status : Modified

Published: 2024-03-03T21:15:49.963

Modified: 2025-03-27T21:15:46.983

Link: CVE-2024-28084

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2024-28084", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-03-27T20:15:46.086Z", "dateReserved": "2024-03-03T00:00:00.000Z", "datePublished": "2024-03-03T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-23T02:06:55.521Z"}, "descriptions": [{"lang": "en", "value": "p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d"}, {"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb"}, {"name": "FEDORA-2024-4ef5edfb2a", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/"}, {"name": "FEDORA-2024-3fa713f2e0", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-665", "lang": "en", "description": "CWE-665 Improper Initialization"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-03-04T14:31:48.651824Z", "id": "CVE-2024-28084", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T20:15:46.086Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:48.206Z"}, "title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb", "tags": ["x_transferred"]}, {"name": "FEDORA-2024-4ef5edfb2a", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/"}, {"name": "FEDORA-2024-3fa713f2e0", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/"}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d", "tags": ["x_transferred"]}, {"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/", "name": "FEDORA-2024-4ef5edfb2a", "tags": ["vendor-advisory", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/", "name": "FEDORA-2024-3fa713f2e0", "tags": ["vendor-advisory", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T00:48:48.206Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2024-28084", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-03-04T14:31:48.651824Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-665", "description": "CWE-665 Improper Initialization"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-05T15:20:41.235Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d"}, {"url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/", "name": "FEDORA-2024-4ef5edfb2a", "tags": ["vendor-advisory"]}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/", "name": "FEDORA-2024-3fa713f2e0", "tags": ["vendor-advisory"]}], "descriptions": [{"lang": "en", "value": "p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2024-03-23T02:06:55.521Z"}}}, "cveMetadata": {"cveId": "CVE-2024-28084", "state": "PUBLISHED", "dateUpdated": "2025-03-27T20:15:46.086Z", "dateReserved": "2024-03-03T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2024-03-03T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:intel:inet_wireless_daemon:*:*:*:*:*:*:*:*", "matchCriteriaId": "FC747940-B0AA-4866-9CAE-D0140D7C03C4", "versionEndIncluding": "2.15", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "p2putil.c in iNet wireless daemon (IWD) through 2.15 allows attackers to cause a denial of service (daemon crash) or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails."}, {"lang": "es", "value": "p2putil.c en iNet wireless daemon (IWD) hasta 2.15 permite a los atacantes provocar una denegaci\u00f3n de servicio (ca\u00edda del daemon) o posiblemente tener otro impacto no especificado debido a problemas de inicializaci\u00f3n en situaciones en las que falla el an\u00e1lisis de la informaci\u00f3n del servicio anunciado."}], "id": "CVE-2024-28084", "lastModified": "2025-03-27T21:15:46.983", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2024-03-03T21:15:49.963", "references": [{"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/"}, {"source": "cve@mitre.org", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=52a47c9fd428904de611a90cbf8b223af879684d"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://git.kernel.org/pub/scm/network/wireless/iwd.git/commit/?id=d34b4e16e045142590ed7cb653e01ed0ae5362eb"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4KSGT4IZ23CJBOQA3AFYEMBJ5OHFZBMK/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/AYRPQ3OLV3GGLUCDYWBHU34DLBLM62XJ/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-665"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-665"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}