CVE-2024-0217

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2024-0217

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-0217.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2024-0217

Downstream

SUSE-RU-2024:1202-1

SUSE-SU-2024:0966-1

SUSE-SU-2024:1046-1

UBUNTU-CVE-2024-0217

Related

Published

2024-01-03T17:15:12Z

Modified

2025-10-31T22:20:48.834830Z

Severity

3.3 (Low) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator

Summary

[none]

Details

A use-after-free flaw was found in PackageKitd. In some conditions, the order of cleanup mechanics for a transaction could be impacted. As a result, some memory access could occur on memory regions that were previously freed. Once freed, a memory region can be reused for other allocations and any previously stored data in this memory region is considered lost.

References

Affected packages

Git / github.com/hughsie/packagekit

Affected ranges

Type: GIT
Repo: https://github.com/hughsie/packagekit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

9915e1b611e6d662f67e6c1dcd4e7fda5c31cba8

Affected versions

Other

PACKAGEKIT_0_1_0

PACKAGEKIT_0_1_1

PACKAGEKIT_0_1_10

PACKAGEKIT_0_1_11

PACKAGEKIT_0_1_2

PACKAGEKIT_0_1_3

PACKAGEKIT_0_1_4

PACKAGEKIT_0_1_5

PACKAGEKIT_0_1_6

PACKAGEKIT_0_1_7

PACKAGEKIT_0_1_8

PACKAGEKIT_0_1_9

PACKAGEKIT_0_2_0

PACKAGEKIT_0_2_1

PACKAGEKIT_0_2_2

PACKAGEKIT_0_3_0

PACKAGEKIT_0_3_1

PACKAGEKIT_0_3_10

PACKAGEKIT_0_3_11

PACKAGEKIT_0_3_2

PACKAGEKIT_0_3_3

PACKAGEKIT_0_3_4

PACKAGEKIT_0_3_5

PACKAGEKIT_0_3_6

PACKAGEKIT_0_3_7

PACKAGEKIT_0_3_8

PACKAGEKIT_0_3_9

PACKAGEKIT_0_4_0

PACKAGEKIT_0_4_1

PACKAGEKIT_0_4_2

PACKAGEKIT_0_4_3

PACKAGEKIT_0_4_4

PACKAGEKIT_0_4_5

PACKAGEKIT_0_4_6

PACKAGEKIT_0_4_7

PACKAGEKIT_0_4_8

PACKAGEKIT_0_5_0

PACKAGEKIT_0_5_1

PACKAGEKIT_0_5_2

PACKAGEKIT_0_5_3

PACKAGEKIT_0_5_5

PACKAGEKIT_0_6_0

PACKAGEKIT_0_6_1

PACKAGEKIT_0_6_10

PACKAGEKIT_0_6_11

PACKAGEKIT_0_6_12

PACKAGEKIT_0_6_13

PACKAGEKIT_0_6_14

PACKAGEKIT_0_6_15

PACKAGEKIT_0_6_16

PACKAGEKIT_0_6_2

PACKAGEKIT_0_6_3

PACKAGEKIT_0_6_4

PACKAGEKIT_0_6_5

PACKAGEKIT_0_6_6

PACKAGEKIT_0_6_7

PACKAGEKIT_0_6_8

PACKAGEKIT_0_6_9

PACKAGEKIT_0_7_0

PACKAGEKIT_0_7_1

PACKAGEKIT_0_7_2

PACKAGEKIT_0_7_3

PACKAGEKIT_0_7_4

PACKAGEKIT_0_8_1

PACKAGEKIT_0_8_10

PACKAGEKIT_0_8_11

PACKAGEKIT_0_8_12

PACKAGEKIT_0_8_13

PACKAGEKIT_0_8_14

PACKAGEKIT_0_8_2

PACKAGEKIT_0_8_3

PACKAGEKIT_0_8_4

PACKAGEKIT_0_8_5

PACKAGEKIT_0_8_6

PACKAGEKIT_0_8_7

PACKAGEKIT_0_8_8

PACKAGEKIT_0_8_9

PACKAGEKIT_0_9_1

PACKAGEKIT_0_9_2

PACKAGEKIT_0_9_3

PACKAGEKIT_0_9_4

PACKAGEKIT_0_9_5

PACKAGEKIT_1_0_0

PACKAGEKIT_1_0_1

PACKAGEKIT_1_0_10

PACKAGEKIT_1_0_11

PACKAGEKIT_1_0_2

PACKAGEKIT_1_0_3

PACKAGEKIT_1_0_4

PACKAGEKIT_1_0_5

PACKAGEKIT_1_0_6

PACKAGEKIT_1_0_7

PACKAGEKIT_1_0_8

PACKAGEKIT_1_0_9

PACKAGEKIT_1_1_0

PACKAGEKIT_1_1_1

PACKAGEKIT_1_1_10

PACKAGEKIT_1_1_11

PACKAGEKIT_1_1_12

PACKAGEKIT_1_1_13

PACKAGEKIT_1_1_2

PACKAGEKIT_1_1_3

PACKAGEKIT_1_1_4

PACKAGEKIT_1_1_5

PACKAGEKIT_1_1_6

PACKAGEKIT_1_1_7

PACKAGEKIT_1_1_8

PACKAGEKIT_1_1_9

PACKAGEKIT_1_2_0

PACKAGEKIT_1_2_1

PACKAGEKIT_1_2_2

PACKAGEKIT_1_2_3

PACKAGEKIT_1_2_4

PACKAGEKIT_1_2_5

v1.*

v1.2.6

Git / github.com/packagekit/packagekit

Affected ranges

Type: GIT
Repo: https://github.com/packagekit/packagekit
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

64278c9127e3333342b56ead99556161f7e86f79

Affected versions

Other

PACKAGEKIT_0_1_0

PACKAGEKIT_0_1_1

PACKAGEKIT_0_1_10

PACKAGEKIT_0_1_11

PACKAGEKIT_0_1_2

PACKAGEKIT_0_1_3

PACKAGEKIT_0_1_4

PACKAGEKIT_0_1_5

PACKAGEKIT_0_1_6

PACKAGEKIT_0_1_7

PACKAGEKIT_0_1_8

PACKAGEKIT_0_1_9

PACKAGEKIT_0_2_0

PACKAGEKIT_0_2_1

PACKAGEKIT_0_2_2

PACKAGEKIT_0_3_0

PACKAGEKIT_0_3_1

PACKAGEKIT_0_3_10

PACKAGEKIT_0_3_11

PACKAGEKIT_0_3_2

PACKAGEKIT_0_3_3

PACKAGEKIT_0_3_4

PACKAGEKIT_0_3_5

PACKAGEKIT_0_3_6

PACKAGEKIT_0_3_7

PACKAGEKIT_0_3_8

PACKAGEKIT_0_3_9

PACKAGEKIT_0_4_0

PACKAGEKIT_0_4_1

PACKAGEKIT_0_4_2

PACKAGEKIT_0_4_3

PACKAGEKIT_0_4_4

PACKAGEKIT_0_4_5

PACKAGEKIT_0_4_6

PACKAGEKIT_0_4_7

PACKAGEKIT_0_4_8

PACKAGEKIT_0_5_0

PACKAGEKIT_0_5_1

PACKAGEKIT_0_5_2

PACKAGEKIT_0_5_3

PACKAGEKIT_0_5_5

PACKAGEKIT_0_6_0

PACKAGEKIT_0_6_1

PACKAGEKIT_0_6_10

PACKAGEKIT_0_6_11

PACKAGEKIT_0_6_12

PACKAGEKIT_0_6_13

PACKAGEKIT_0_6_14

PACKAGEKIT_0_6_15

PACKAGEKIT_0_6_16

PACKAGEKIT_0_6_2

PACKAGEKIT_0_6_3

PACKAGEKIT_0_6_4

PACKAGEKIT_0_6_5

PACKAGEKIT_0_6_6

PACKAGEKIT_0_6_7

PACKAGEKIT_0_6_8

PACKAGEKIT_0_6_9

PACKAGEKIT_0_7_0

PACKAGEKIT_0_7_1

PACKAGEKIT_0_7_2

PACKAGEKIT_0_7_3

PACKAGEKIT_0_7_4

PACKAGEKIT_0_8_1

PACKAGEKIT_0_8_10

PACKAGEKIT_0_8_11

PACKAGEKIT_0_8_12

PACKAGEKIT_0_8_13

PACKAGEKIT_0_8_14

PACKAGEKIT_0_8_2

PACKAGEKIT_0_8_3

PACKAGEKIT_0_8_4

PACKAGEKIT_0_8_5

PACKAGEKIT_0_8_6

PACKAGEKIT_0_8_7

PACKAGEKIT_0_8_8

PACKAGEKIT_0_8_9

PACKAGEKIT_0_9_1

PACKAGEKIT_0_9_2

PACKAGEKIT_0_9_3

PACKAGEKIT_0_9_4

PACKAGEKIT_0_9_5

PACKAGEKIT_1_0_0

PACKAGEKIT_1_0_1

PACKAGEKIT_1_0_10

PACKAGEKIT_1_0_11

PACKAGEKIT_1_0_2

PACKAGEKIT_1_0_3

PACKAGEKIT_1_0_4

PACKAGEKIT_1_0_5

PACKAGEKIT_1_0_6

PACKAGEKIT_1_0_7

PACKAGEKIT_1_0_8

PACKAGEKIT_1_0_9

PACKAGEKIT_1_1_0

PACKAGEKIT_1_1_1

PACKAGEKIT_1_1_10

PACKAGEKIT_1_1_11

PACKAGEKIT_1_1_12

PACKAGEKIT_1_1_13

PACKAGEKIT_1_1_2

PACKAGEKIT_1_1_3

PACKAGEKIT_1_1_4

PACKAGEKIT_1_1_5

PACKAGEKIT_1_1_6

PACKAGEKIT_1_1_7

PACKAGEKIT_1_1_8

PACKAGEKIT_1_1_9

PACKAGEKIT_1_2_0

PACKAGEKIT_1_2_1

PACKAGEKIT_1_2_2

PACKAGEKIT_1_2_3

PACKAGEKIT_1_2_4

PACKAGEKIT_1_2_5

v1.*

v1.2.6

Database specific

vanir_signatures

[
    {
        "source": "https://github.com/packagekit/packagekit/commit/64278c9127e3333342b56ead99556161f7e86f79",
        "digest": {
            "line_hashes": [
                "69110401875055153638018526870323614788",
                "104936221520995987981509473286540388469",
                "284850847472260449698388863213100776869",
                "33786011828446133669880393923746326194",
                "111480205983780487965060550645008160044",
                "316624392811831117073588737815180568666",
                "13349957417997647440873044018551392340",
                "252578080632256012307756048094668849918"
            ],
            "threshold": 0.9
        },
        "signature_type": "Line",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2024-0217-8195f6c2",
        "target": {
            "file": "src/pk-transaction.c"
        }
    },
    {
        "source": "https://github.com/packagekit/packagekit/commit/64278c9127e3333342b56ead99556161f7e86f79",
        "digest": {
            "function_hash": "416716534804417372517382757260205436",
            "length": 362.0
        },
        "signature_type": "Function",
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2024-0217-f826b9d0",
        "target": {
            "function": "pk_transaction_finished_emit",
            "file": "src/pk-transaction.c"
        }
    }
]