CVE
CVE-2024-52533
| CVE ID |
CVE-2024-52533
|
|---|---|
| CVSS Score |
NA
|
| Operating System | |
| Affected Versions | |
| Patched Versions |
glib2-2.56.4-156_ol001.el8
|
| Patch Date |
|
| Last Updated Date | |
| Vector String |
Additional Information
OL CVE Issue Summary:
`SOCKS4_CONN_MSG_LEN` failed to account for the length of the final null byte in the connect message, which is an addition in `SOCKSv4a`.
This means that the buffer for building and transmitting the connect message could overflow if the username and hostname are both `SOCKS4_MAX_LEN` (255)bytes long.
Proxy configurations are normally statically configured, so the username is unlikely to be near its maximum length, and hence this overflow is unlikely to be triggered in practice.