Bug 1224062 (CVE-2024-34244)

Summary: VUL-0: CVE-2024-34244: libmodbus: buffer overflow via the modbus_write_bits function
Product: [openSUSE] openSUSE Distribution
Reporter: SMASH SMASH <smash_bz>
Component: Security
Assignee: Stanislav Brabec <sbrabec>
Status: CONFIRMED ---
QA Contact: Security Team bot <security-team>
Severity: Major
Priority: P3 - Medium
CC: camila.matos
Version: Leap 15.6
Target Milestone: ---
Hardware: Other
OS: Other
URL: https://smash.suse.de/issue/404865/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-34244:8.2:(AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H)
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description SMASH SMASH 2024-05-08 18:08:09 UTC
libmodbus v3.1.10 is vulnerable to Buffer Overflow via the modbus_write_bits function. This issue can be triggered when the function is fed with specially crafted input, which leads to out-of-bounds read and can potentially cause a crash or other unintended behaviors.

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2024-34244
https://www.cve.org/CVERecord?id=CVE-2024-34244
https://github.com/stephane/libmodbus/issues/743

Comment 2 Stanislav Brabec 2024-05-09 18:55:28 UTC
Upstream has no solution yet. If possible, let's wait a bit and then see. If there will be no upstream fix, we will investigate further.

Comment 3 Stanislav Brabec 2024-06-11 22:20:16 UTC
Checking the upstream again, there is still no fix. The upstream issue has no progress.

Although the report indicates the exact crash line, the source of the problem could be elsewhere.

Is it serious enough to start research? Note that we have no Modbus testing hardware.