Unrated severityNVD Advisory· Published Mar 18, 2024· Updated Nov 20, 2025
Unixodbc: out of bounds stack write due to pointer-to-integer types conversion
CVE-2024-1013
Description
An out-of-bounds stack write flaw was found in unixODBC on 64-bit architectures where the caller has 4 bytes and callee writes 8 bytes. This issue may go unnoticed on little-endian architectures, while big-endian architectures can be broken.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
19cpe:/o:redhat:enterprise_linux:6+ 3 more
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:8
- cpe:/o:redhat:enterprise_linux:9
- osv-coords14 versionspkg:apk/chainguard/unixodbcpkg:apk/chainguard/unixodbc-configpkg:apk/chainguard/unixodbc-devpkg:apk/chainguard/unixodbc-docpkg:apk/chainguard/unixodbc-staticpkg:apk/wolfi/unixodbcpkg:apk/wolfi/unixodbc-configpkg:apk/wolfi/unixodbc-devpkg:apk/wolfi/unixodbc-docpkg:apk/wolfi/unixodbc-staticpkg:bitnami/unixodbcpkg:rpm/suse/unixODBC&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/unixODBC&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/unixODBC&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 2.3.12-r7+ 13 more
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)range: < 2.3.12-r7
- (no CPE)
- (no CPE)range: < 2.3.9-7.16.1
- (no CPE)range: < 2.3.9-7.16.1
- (no CPE)range: < 2.3.9-7.16.1
Patches
Vulnerability mechanics
References
3- access.redhat.com/security/cve/CVE-2024-1013mitrevdb-entryx_refsource_REDHAT
- bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
- github.com/lurcher/unixODBC/pull/157mitre
News mentions
0No linked articles in our index yet.