CVE-2024-6119

Issue summary: Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of service. Applications performing certificate name checks (e.g., TLS clients checking server certificates) may attempt to read an invalid memory address when comparing the expected name with an `otherName` subject alternative name of an X.509 certificate. This may result in an exception that terminates the application program. Note that basic certificate chain validation (signatures, dates, ...) is not affected, the denial of service can occur only when the application also specifies an expected DNS name, Email address or IP address. TLS servers rarely solicit client certificates, and even when they do, they generally don't perform a name check against a reference identifier (expected identity), but rather extract the presented identity after checking the certificate chain. So TLS servers are generally not affected and the severity of the issue is Moderate. The FIPS modules in 3.3, 3.2, 3.1 and 3.0 are not affected by this issue.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:o:netapp:brocade_fabric_operating_system:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*

History

03 Jun 2025, 10:51

Type Values Removed Values Added
CPE cpe:2.3:o:netapp:brocade_fabric_operating_system:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_tools:9:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:c250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:500f:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:a250:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:management_services_for_element_software_and_netapp_hci:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:a250_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:ontap_9:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:500f_firmware:-:*:*:*:*:*:*:*
cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:c250:-:*:*:*:*:*:*:*
References () https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f - () https://github.com/openssl/openssl/commit/05f360d9e849a1b277db628f1f13083a7f8dd04f - Patch
References () https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 - () https://github.com/openssl/openssl/commit/06d1dc3fa96a2ba5a3e22735a033012aadc9f0d6 - Patch
References () https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 - () https://github.com/openssl/openssl/commit/621f3729831b05ee828a3203eddb621d014ff2b2 - Patch
References () https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 - () https://github.com/openssl/openssl/commit/7dfcee2cd2a63b2c64b9b4b0850be64cb695b0a0 - Patch
References () https://openssl-library.org/news/secadv/20240903.txt - () https://openssl-library.org/news/secadv/20240903.txt - Vendor Advisory
References () http://www.openwall.com/lists/oss-security/2024/09/03/4 - () http://www.openwall.com/lists/oss-security/2024/09/03/4 - Mailing List
References () https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html - () https://lists.freebsd.org/archives/freebsd-security/2024-September/000303.html - Mailing List
References () https://security.netapp.com/advisory/ntap-20240912-0001/ - () https://security.netapp.com/advisory/ntap-20240912-0001/ - Third Party Advisory
First Time Netapp h610s Firmware
Openssl
Netapp active Iq Unified Manager
Netapp
Netapp a250
Netapp ontap 9
Netapp h410s
Netapp a250 Firmware
Netapp h610c
Netapp c250
Netapp h700s
Netapp h300s
Netapp ontap Select Deploy Administration Utility
Netapp h610c Firmware
Netapp management Services For Element Software And Netapp Hci
Netapp h615c Firmware
Netapp hci Compute Node
Netapp h500s
Netapp 500f
Openssl openssl
Netapp h410c Firmware
Netapp h610s
Netapp h700s Firmware
Netapp h410s Firmware
Netapp brocade Fabric Operating System
Netapp h410c
Netapp ontap Tools
Netapp h500s Firmware
Netapp c250 Firmware
Netapp bootstrap Os
Netapp 500f Firmware
Netapp h615c
Netapp h300s Firmware

Information

Published : 2024-09-03 16:15

Updated : 2025-06-03 10:51


NVD link : CVE-2024-6119

Mitre link : CVE-2024-6119

CVE.ORG link : CVE-2024-6119


JSON object : View

Products Affected

openssl

  • openssl

netapp

  • h410s_firmware
  • c250_firmware
  • h300s
  • h500s
  • h610s_firmware
  • h615c
  • ontap_9
  • h610s
  • a250
  • h700s
  • hci_compute_node
  • ontap_tools
  • ontap_select_deploy_administration_utility
  • active_iq_unified_manager
  • brocade_fabric_operating_system
  • h410c
  • h300s_firmware
  • h700s_firmware
  • 500f_firmware
  • h610c_firmware
  • h410s
  • a250_firmware
  • 500f
  • h500s_firmware
  • c250
  • h610c
  • h615c_firmware
  • h410c_firmware
  • bootstrap_os
  • management_services_for_element_software_and_netapp_hci
CWE
CWE-843

Access of Resource Using Incompatible Type ('Type Confusion')