PAN-OS Data Plane Memory Corruption Causing DoS
CVE-2024-9468 Published on October 9, 2024
PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet
A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service (DoS) condition. Repeated attempts to trigger this condition will result in PAN-OS entering maintenance mode.
Timeline
Initial publication
Weakness Type
What is a Memory Corruption Vulnerability?
The software writes data past the end, or before the beginning, of the intended buffer. Typically, this can result in corruption of data, a crash, or code execution. The software may modify an index or perform pointer arithmetic that references a memory location that is outside of the boundaries of the buffer. A subsequent write operation then produces undefined or unexpected results.
CVE-2024-9468 has been classified to as a Memory Corruption vulnerability or weakness.
Products Associated with CVE-2024-9468
Want to know whenever a new CVE is published for Palo Alto Networks PAN-OS? stack.watch will email you.
Affected Versions
Palo Alto Networks Cloud NGFW:- Version All is unaffected.
- Version 11.2.0 is unaffected.
- Version 11.1.0 and below 11.1.3 is affected.
- Version 11.0.0 and below 11.0.4-h5 is affected.
- Version 10.2.0 and below 10.2.4-h24 is affected.
- Version 10.1.0 is unaffected.
- Version All is unaffected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.