Unrated severityNVD Advisory· Published Feb 27, 2024· Updated Aug 2, 2024
Azure IoT Platform Device SDK Double Free Vulnerability
CVE-2024-27099
Description
The uAMQP is a C library for AMQP 1.0 communication to Azure Cloud Services. When processing an incorrect AMQP_VALUE failed state, may cause a double free problem. This may cause a RCE. Update submodule with commit 2ca42b6e4e098af2d17e487814a91d05f6ae4987.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- osv-coords5 versionspkg:rpm/opensuse/python-uamqp&distro=openSUSE%20Leap%2015.5pkg:rpm/suse/python-uamqp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP2pkg:rpm/suse/python-uamqp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP3pkg:rpm/suse/python-uamqp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP4pkg:rpm/suse/python-uamqp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Public%20Cloud%2015%20SP5
< 1.5.3-150100.4.18.1+ 4 more
- (no CPE)range: < 1.5.3-150100.4.18.1
- (no CPE)range: < 1.5.3-150100.4.18.1
- (no CPE)range: < 1.5.3-150100.4.18.1
- (no CPE)range: < 1.5.3-150100.4.18.1
- (no CPE)range: < 1.5.3-150100.4.18.1
- Azure/azure-uamqp-cv5Range: < 2023-2-08
Patches
Vulnerability mechanics
References
2- github.com/Azure/azure-uamqp-c/commit/2ca42b6e4e098af2d17e487814a91d05f6ae4987mitrex_refsource_MISC
- github.com/Azure/azure-uamqp-c/security/advisories/GHSA-6rh4-fj44-v4jjmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.