CVE-2024-41184 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2024-41184 Interim 1 22 2025-07-12T08:01:36Z current 2024-07-18T23:09:39Z 2025-07-12T08:01:36Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2024-41184 In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-January/000788.html E-Mail link for RHSA-2025:0743 https://lists.suse.com/pipermail/suse-liberty-linux-updates/2025-February/000821.html E-Mail link for RHSA-2025:0917 https://lists.suse.com/pipermail/sle-updates/2024-August/036692.html E-Mail link for SUSE-SU-2024:3031-1 https://lists.suse.com/pipermail/sle-updates/2024-October/037251.html E-Mail link for SUSE-SU-2024:3633-1 https://lists.suse.com/pipermail/sle-updates/2024-October/037250.html E-Mail link for SUSE-SU-2024:3634-1 https://lists.suse.com/pipermail/sle-updates/2024-October/037276.html E-Mail link for SUSE-SU-2024:3658-1 https://lists.suse.com/pipermail/sle-security-updates/2025-June/021345.html E-Mail link for SUSE-SU-2025:20039-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Liberty Linux 8 SUSE Liberty Linux 9 SUSE Linux Enterprise High Availability Extension 15 SP2 SUSE Linux Enterprise High Availability Extension 15 SP3 SUSE Linux Enterprise High Availability Extension 15 SP4 SUSE Linux Enterprise High Availability Extension 15 SP5 SUSE Linux Enterprise High Availability Extension 15 SP6 SUSE Linux Enterprise High Availability Extension 15 SP7 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Micro 6.0 SUSE Linux Micro 6.1 openSUSE Leap 15.5 openSUSE Leap 15.6 openSUSE Leap Micro 5.5 openSUSE Tumbleweed keepalived-2.0.19-150100.3.9.1 keepalived-2.1.5-10.el8_10 keepalived-2.2.2-150400.3.10.1 keepalived-2.2.2-150500.8.5.1 keepalived-2.2.8-150600.3.5.1 keepalived-2.2.8-2.1 keepalived-2.2.8-4.el9_5 keepalived-2.2.8-slfo.1.1_1.2 keepalived-2.3.1+git59.b6681f98-1.1 keepalived-2.1.5-10.el8_10 as a component of SUSE Liberty Linux 8 keepalived-2.2.8-4.el9_5 as a component of SUSE Liberty Linux 9 keepalived-2.0.19-150100.3.9.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP2 keepalived-2.0.19-150100.3.9.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP3 keepalived-2.2.2-150400.3.10.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP4 keepalived-2.2.2-150500.8.5.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP5 keepalived-2.2.8-150600.3.5.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP6 keepalived-2.2.8-150600.3.5.1 as a component of SUSE Linux Enterprise High Availability Extension 15 SP7 keepalived-2.2.2-150400.3.10.1 as a component of SUSE Linux Enterprise Micro 5.3 keepalived-2.2.2-150400.3.10.1 as a component of SUSE Linux Enterprise Micro 5.4 keepalived-2.2.2-150500.8.5.1 as a component of SUSE Linux Enterprise Micro 5.5 keepalived-2.2.8-2.1 as a component of SUSE Linux Micro 6.0 keepalived-2.2.8-slfo.1.1_1.2 as a component of SUSE Linux Micro 6.1 keepalived-2.2.2-150500.8.5.1 as a component of openSUSE Leap 15.5 keepalived-2.2.8-150600.3.5.1 as a component of openSUSE Leap 15.6 keepalived-2.2.2-150500.8.5.1 as a component of openSUSE Leap Micro 5.5 keepalived-2.3.1+git59.b6681f98-1.1 as a component of openSUSE Tumbleweed In the vrrp_ipsets_handler handler (fglobal_parser.c) of keepalived through 2.3.1, an integer overflow can occur. NOTE: this CVE Record might not be worthwhile because an empty ipset name must be configured by the user. CVE-2024-41184 SUSE Liberty Linux 8:keepalived-2.1.5-10.el8_10 SUSE Liberty Linux 9:keepalived-2.2.8-4.el9_5 SUSE Linux Enterprise High Availability Extension 15 SP2:keepalived-2.0.19-150100.3.9.1 SUSE Linux Enterprise High Availability Extension 15 SP3:keepalived-2.0.19-150100.3.9.1 SUSE Linux Enterprise High Availability Extension 15 SP4:keepalived-2.2.2-150400.3.10.1 SUSE Linux Enterprise High Availability Extension 15 SP5:keepalived-2.2.2-150500.8.5.1 SUSE Linux Enterprise High Availability Extension 15 SP6:keepalived-2.2.8-150600.3.5.1 SUSE Linux Enterprise High Availability Extension 15 SP7:keepalived-2.2.8-150600.3.5.1 SUSE Linux Enterprise Micro 5.3:keepalived-2.2.2-150400.3.10.1 SUSE Linux Enterprise Micro 5.4:keepalived-2.2.2-150400.3.10.1 SUSE Linux Enterprise Micro 5.5:keepalived-2.2.2-150500.8.5.1 SUSE Linux Micro 6.0:keepalived-2.2.8-2.1 SUSE Linux Micro 6.1:keepalived-2.2.8-slfo.1.1_1.2 openSUSE Leap 15.5:keepalived-2.2.2-150500.8.5.1 openSUSE Leap 15.6:keepalived-2.2.8-150600.3.5.1 openSUSE Leap Micro 5.5:keepalived-2.2.2-150500.8.5.1 openSUSE Tumbleweed:keepalived-2.3.1+git59.b6681f98-1.1 moderate 6.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:H