CRITICAL🇵🇱 Wersja polska

CVE-2024-25110

CVSS 9.8v3.1pub. 2024-02-12upd. 2024-11-22

The UAMQP is a general purpose C library for AMQP 1.0. During a call to open_get_offered_capabilities, a memory allocation may fail causing a use-after-free issue and if a client called it during connection communication it may cause a remote code execution. Users are advised to update the submodule with commit `30865c9c`. There are no known workarounds for this vulnerability.

🤖 AI Analysis
How it works

During the invocation of the open_get_offered_capabilities function, a memory allocation failure can occur. As a result of this error, a pointer to an already freed memory area remains in use (use-after-free, CWE-416), leading to uncontrolled memory access. If the call to the faulty function occurs during active communication with a client, an attacker can trigger arbitrary code execution (RCE, CWE-94) on the vulnerable system. Exploitation is possible remotely, without authentication and without user interaction.

Impact

An attacker can remotely execute arbitrary code on a system using the vulnerable library, gaining full control over the process handling AMQP connections. This can lead to violations of confidentiality, integrity, and availability of the system.

Mitigation & patch

The azure-uamqp-c submodule should be updated to commit 30865c9ccedaa32ddb036e87a8ebb52c3f18f695 according to the vendor's recommendation. The vendor does not indicate any workarounds for this vulnerability.

Who is affected

The azure-uamqp-c library (Microsoft Azure UAMQP) — versions preceding commit 30865c9c; specific versions indicated in vendor references.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Microsoft Azure Uamqp

    APP
    Microsoft
    < 2024-02-01
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
RCEMemory
CWE
References

Related vulnerabilities

CVE-2024-27099CRITICAL9.8PL ✓ten sam produkt

Double free w bibliotece uAMQP-C prowadzący do RCE w Azure

CVE-2024-21646CRITICAL9.8PL ✓ten sam produkt

RCE w bibliotece Azure uAMQP-C przez integer overflow

CVE-2026-8398CRITICAL9.3⚠ KEVPL ✓ten sam vendor

Atak na łańcuch dostaw DAEMON Tools Lite — trojanizacja instalatorów

CVE-2026-20963CRITICAL9.8⚠ KEVPL ✓ten sam vendor

RCE przez deserializację niezaufanych danych w Microsoft SharePoint Server

CVE-2025-59287CRITICAL9.8⚠ KEVPL ✓ten sam vendor

RCE w Windows Server Update Service (WSUS) — deserializacja danych