CVE-2024-27099

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 27, 2024

Updated: Feb 28, 2024

CWE ID 415

Summary

CVE-2024-27099 is a vulnerability affecting the uAMQP library, a C library used for AMQP 1.0 communication with Azure Cloud Services. The issue arises when the library encounters an incorrect `AMQP_VALUE` failed state during processing, resulting in a double free condition. This vulnerability may lead to Remote Code Execution (RCE) by exploiting the memory corruption. To mitigate this risk, it is recommended to update the submodule with the commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/uk6T0l
https://www.cve.org/CVERecord?id=CVE-2024-27099
https://nvd.nist.gov/vuln/detail/CVE-2024-27099

Back to Vulnerability Database

CVE-2024-27099

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations