CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2024-53379: Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit...

Description

Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message.

Classification

CVE ID: CVE-2024-53379

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.72% (scored less or equal to compared to others)

EPSS Date: 2025-02-21 (when was this score calculated)

References

https://www.telekom.com/resource/blob/1086326/e6e800ec1e4e675ca0d8fdafab86ea8c/dl-250122-cve-2024-53379-data.pdf

Timeline

2025-01-24 00:30:31 UTC
CVE

Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit...