CVE-2024-1930 - Vulnerability Details - OpenCVE

No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions. There is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method. For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Fedora	Dnf5daemon-server
Rpm-software-management	Dnf5

Configuration 1 [-]

cpe:2.3:a:rpm-software-management:dnf5:*:*:*:*:*:*:*:*

No data.

References

Link	Providers
https://www.openwall.com/lists/oss-security/2024/03/04/2

History

Thu, 07 Aug 2025 17:30:00 +0000

Type	Values Removed	Values Added
First Time appeared		Rpm-software-management Rpm-software-management dnf5
CPEs		cpe:2.3:a:rpm-software-management:dnf5::::::::
Vendors & Products		Rpm-software-management Rpm-software-management dnf5

MITRE

Status: PUBLISHED

Assigner: fedora

Published: 2024-05-08T01:52:54.938Z

Updated: 2024-08-01T18:56:22.475Z

Reserved: 2024-02-27T12:44:59.949Z

Link: CVE-2024-1930

Vulnrichment

Updated: 2024-08-01T18:56:22.475Z

NVD

Status : Analyzed

Published: 2024-05-08T02:15:09.503

Modified: 2025-08-07T17:21:11.740

Link: CVE-2024-1930

Redhat

No data.

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-1930", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "state": "PUBLISHED", "assignerShortName": "fedora", "dateReserved": "2024-02-27T12:44:59.949Z", "datePublished": "2024-05-08T01:52:54.938Z", "dateUpdated": "2024-08-01T18:56:22.475Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-05-08T01:52:54.938Z"}, "title": "No Limit on Number of Open Sessions / Bad Session Close Behaviour", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption", "type": "CWE"}]}], "affected": [{"vendor": "Fedora", "product": "dnf5daemon-server", "platforms": ["Linux"], "versions": [{"status": "affected", "version": "5.1.16<="}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\n\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\n\n", "supportingMedia": [{"type": "text/html", "base64": false, "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions.<br><br>There is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method. For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.<br><br>"}]}], "references": [{"url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "availabilityImpact": "HIGH", "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}}], "source": {"discovery": "UNKNOWN"}, "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"affected": [{"vendor": "fedora", "product": "dnf5daemon-server", "cpes": ["cpe:2.3:a:fedora:dnf5daemon-server:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "0", "status": "affected", "lessThan": "5.1.17", "versionType": "custom"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-05-08T14:47:09.395902Z", "id": "CVE-2024-1930", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-06-06T13:19:28.577Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:56:22.475Z"}, "title": "CVE Program Container", "references": [{"url": "https://www.openwall.com/lists/oss-security/2024/03/04/2", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://www.openwall.com/lists/oss-security/2024/03/04/2", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-01T18:56:22.475Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-1930", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-05-08T14:47:09.395902Z"}}}], "affected": [{"cpes": ["cpe:2.3:a:fedora:dnf5daemon-server:*:*:*:*:*:*:*:*"], "vendor": "fedora", "product": "dnf5daemon-server", "versions": [{"status": "affected", "version": "0", "lessThan": "5.1.17", "versionType": "custom"}], "defaultStatus": "unknown"}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-05-08T14:54:52.778Z"}}], "cna": {"title": "No Limit on Number of Open Sessions / Bad Session Close Behaviour", "source": {"discovery": "UNKNOWN"}, "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Fedora", "product": "dnf5daemon-server", "versions": [{"status": "affected", "version": "5.1.16<="}], "platforms": ["Linux"], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\n\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\n\n", "supportingMedia": [{"type": "text/html", "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via No Limit on Number of Open Sessions.<br><br>There is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method. For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.<br><br>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-400", "description": "CWE-400 Uncontrolled Resource Consumption"}]}], "providerMetadata": {"orgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "shortName": "fedora", "dateUpdated": "2024-05-08T01:52:54.938Z"}}}, "cveMetadata": {"cveId": "CVE-2024-1930", "state": "PUBLISHED", "dateUpdated": "2024-08-01T18:56:22.475Z", "dateReserved": "2024-02-27T12:44:59.949Z", "assignerOrgId": "92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5", "datePublished": "2024-05-08T01:52:54.938Z", "assignerShortName": "fedora"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:rpm-software-management:dnf5:*:*:*:*:*:*:*:*", "matchCriteriaId": "011EF61C-CD6B-48B4-8E4B-EC5E3C9841AB", "versionEndExcluding": "5.1.17", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "No Limit on Number of Open Sessions / Bad Session Close Behaviour in dnf5daemon-server before 5.1.17 allows a malicious user to impact Availability via\u00a0No Limit on Number of Open Sessions.\n\nThere is no limit on how many sessions D-Bus clients may create using the `open_session()` D-Bus method.\u00a0For each session a thread is created in dnf5daemon-server. This spends a couple of hundred megabytes of memory in the process. Further connections will become impossible, likely because no more threads can be spawned by the D-Bus service.\n\n"}, {"lang": "es", "value": "Sin l\u00edmite en el n\u00famero de sesiones abiertas / mal comportamiento de cierre de sesi\u00f3n en dnf5daemon-server anterior a 5.1.17 permite que un usuario malintencionado afecte la disponibilidad mediante Sin l\u00edmite en el n\u00famero de sesiones abiertas. No hay l\u00edmite en la cantidad de sesiones que los clientes D-Bus pueden crear usando el m\u00e9todo D-Bus `open_session()`. Para cada sesi\u00f3n se crea un hilo en dnf5daemon-server. Esto gasta un par de cientos de megabytes de memoria en el proceso. Ser\u00e1 imposible realizar m\u00e1s conexiones, probablemente porque el servicio D-Bus no puede generar m\u00e1s subprocesos."}], "id": "CVE-2024-1930", "lastModified": "2025-08-07T17:21:11.740", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.0, "impactScore": 4.0, "source": "patrick@puiterwijk.org", "type": "Secondary"}]}, "published": "2024-05-08T02:15:09.503", "references": [{"source": "patrick@puiterwijk.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2024/03/04/2"}], "sourceIdentifier": "patrick@puiterwijk.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "patrick@puiterwijk.org", "type": "Secondary"}]}