CVE-2024-29905

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2024-29905
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-29905.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2024-29905
Aliases
Related
Published
2024-04-09T17:16:00Z
Modified
2025-01-08T15:34:26.053567Z
Summary
[none]
Details

DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process (e.g., when using dirac-proxy-init), it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then perform any action that is possible with the original proxy. This vulnerability only exists for a short period of time (sub-millsecond) during the generation process. Version 8.0.41 contains a patch for the issue. As a workaround, setting the X509_USER_PROXY environment variable to a path that is inside a directory that is only readable to the current user avoids the potential risk. After the file has been written, it can be safely copied to the standard location (/tmp/x509up_uNNNN).

References

Affected packages

Git / github.com/diracgrid/dirac

Affected ranges

Type
GIT
Repo
https://github.com/diracgrid/dirac
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
1faa709341969a6321e29c843ca94039d33b2c3d
Fixed
1faa709341969a6321e29c843ca94039d33b2c3d

Affected versions

7.*

7.2a28
7.2a29

Other

grep
v6e7p27
v6r0
v6r0-pre1
v6r0p1
v6r0p2
v6r0p3
v6r0p4
v6r1
v6r10
v6r10p1
v6r10p10
v6r10p11
v6r10p12
v6r10p13
v6r10p14
v6r10p15
v6r10p16
v6r10p17
v6r10p18
v6r10p19
v6r10p2
v6r10p20
v6r10p21
v6r10p22
v6r10p23
v6r10p24
v6r10p25
v6r10p3
v6r10p4
v6r10p6
v6r10p7
v6r10p8
v6r10p9
v6r11
v6r11p1
v6r11p10
v6r11p11
v6r11p12
v6r11p13
v6r11p14
v6r11p15
v6r11p16
v6r11p17
v6r11p18
v6r11p19
v6r11p2
v6r11p20
v6r11p21
v6r11p22
v6r11p23
v6r11p24
v6r11p25
v6r11p26
v6r11p27
v6r11p28
v6r11p29
v6r11p3
v6r11p30
v6r11p31
v6r11p32
v6r11p33
v6r11p34
v6r11p4
v6r11p5
v6r11p6
v6r11p7
v6r11p8
v6r11p9
v6r12
v6r12p1
v6r12p10
v6r12p11
v6r12p12
v6r12p13
v6r12p14
v6r12p15
v6r12p16
v6r12p18
v6r12p19
v6r12p2
v6r12p20
v6r12p21
v6r12p22
v6r12p23
v6r12p24
v6r12p25
v6r12p26
v6r12p27
v6r12p28
v6r12p29
v6r12p3
v6r12p30
v6r12p31
v6r12p32
v6r12p33
v6r12p34
v6r12p35
v6r12p36
v6r12p37
v6r12p38
v6r12p39
v6r12p4
v6r12p40
v6r12p41
v6r12p42
v6r12p43
v6r12p44
v6r12p45
v6r12p46
v6r12p47
v6r12p48
v6r12p49
v6r12p5
v6r12p50
v6r12p51
v6r12p52
v6r12p53
v6r12p6
v6r12p7
v6r12p8
v6r12p9
v6r13
v6r13p1
v6r13p10
v6r13p11
v6r13p12
v6r13p13
v6r13p14
v6r13p15
v6r13p16
v6r13p17
v6r13p18
v6r13p19
v6r13p2
v6r13p20
v6r13p3
v6r13p4
v6r13p5
v6r13p6
v6r13p7
v6r13p8
v6r13p9
v6r14
v6r14p1
v6r14p10
v6r14p11
v6r14p12
v6r14p13
v6r14p14
v6r14p15
v6r14p16
v6r14p17
v6r14p18
v6r14p19
v6r14p2
v6r14p20
v6r14p21
v6r14p22
v6r14p23
v6r14p24
v6r14p25
v6r14p26
v6r14p27
v6r14p28
v6r14p29
v6r14p3
v6r14p30
v6r14p31
v6r14p32
v6r14p33
v6r14p34
v6r14p35
v6r14p36
v6r14p37
v6r14p38
v6r14p39
v6r14p4
v6r14p5
v6r14p6
v6r14p7
v6r14p8
v6r14p9
v6r15
v6r15p1
v6r15p10
v6r15p11
v6r15p12
v6r15p13
v6r15p14
v6r15p15
v6r15p16
v6r15p17
v6r15p18
v6r15p19
v6r15p2
v6r15p20
v6r15p21
v6r15p22
v6r15p23
v6r15p24
v6r15p25
v6r15p26
v6r15p27
v6r15p3
v6r15p4
v6r15p5
v6r15p6
v6r15p7
v6r15p8
v6r15p9
v6r16
v6r16p1
v6r16p2
v6r16p3
v6r16p4
v6r16p5
v6r16p6
v6r17
v6r17p1
v6r17p10
v6r17p11
v6r17p12
v6r17p13
v6r17p14
v6r17p15
v6r17p16
v6r17p17
v6r17p18
v6r17p19
v6r17p2
v6r17p20
v6r17p21
v6r17p22
v6r17p23
v6r17p24
v6r17p25
v6r17p26
v6r17p27
v6r17p28
v6r17p29
v6r17p3
v6r17p30
v6r17p31
v6r17p32
v6r17p33
v6r17p34
v6r17p35
v6r17p4
v6r17p5
v6r17p6
v6r17p7
v6r17p8
v6r17p9
v6r18
v6r18p1
v6r19
v6r19p1
v6r19p10
v6r19p11
v6r19p12
v6r19p13
v6r19p14
v6r19p15
v6r19p16
v6r19p17
v6r19p18
v6r19p19
v6r19p2
v6r19p20
v6r19p21
v6r19p22
v6r19p23
v6r19p24
v6r19p25
v6r19p3
v6r19p4
v6r19p5
v6r19p6
v6r19p7
v6r19p8
v6r19p9
v6r1p1
v6r1p10
v6r1p11
v6r1p2
v6r1p3
v6r1p4
v6r1p5
v6r1p6
v6r1p8
v6r1p9
v6r2
v6r20
v6r20p1
v6r20p10
v6r20p11
v6r20p12
v6r20p13
v6r20p14
v6r20p15
v6r20p16
v6r20p17
v6r20p18
v6r20p19
v6r20p2
v6r20p20
v6r20p21
v6r20p22
v6r20p23
v6r20p24
v6r20p25
v6r20p26
v6r20p27
v6r20p28
v6r20p3
v6r20p4
v6r20p5
v6r20p6
v6r20p7
v6r20p8
v6r20p9
v6r21
v6r21p1
v6r21p10
v6r21p11
v6r21p12
v6r21p13
v6r21p14
v6r21p15
v6r21p16
v6r21p2
v6r21p3
v6r21p4
v6r21p5
v6r21p6
v6r21p7
v6r21p8
v6r21p9
v6r22
v6r22p1
v6r22p10
v6r22p11
v6r22p12
v6r22p13
v6r22p14
v6r22p15
v6r22p16
v6r22p17
v6r22p18
v6r22p19
v6r22p2
v6r22p20
v6r22p21
v6r22p22
v6r22p23
v6r22p24
v6r22p25
v6r22p26
v6r22p27
v6r22p28
v6r22p29
v6r22p3
v6r22p30
v6r22p31
v6r22p32
v6r22p33
v6r22p34
v6r22p35
v6r22p4
v6r22p5
v6r22p6
v6r22p7
v6r22p8
v6r22p9
v6r2p2
v6r2p3
v6r2p4
v6r2p5
v6r2p6
v6r2p7
v6r2p8
v6r2p9
v6r3
v6r3p1
v6r3p10
v6r3p11
v6r3p12
v6r3p13
v6r3p14
v6r3p15
v6r3p16
v6r3p17
v6r3p2
v6r3p3
v6r3p4
v6r3p5
v6r3p6
v6r3p7
v6r3p8
v6r3p9
v6r4
v6r4-pre1
v6r4-pre2
v6r4-pre3
v6r4-pre4
v6r4p1
v6r4p10
v6r4p11
v6r4p12
v6r4p13
v6r4p14
v6r4p16
v6r4p17
v6r4p18
v6r4p19
v6r4p2
v6r4p20
v6r4p21
v6r4p22
v6r4p23
v6r4p24
v6r4p25
v6r4p26
v6r4p27
v6r4p28
v6r4p29
v6r4p3
v6r4p30
v6r4p31
v6r4p32
v6r4p33
v6r4p34
v6r4p4
v6r4p5
v6r4p6
v6r4p7
v6r4p8
v6r4p9
v6r5
v6r5-pre1
v6r5-pre10
v6r5-pre11
v6r5-pre12
v6r5-pre13
v6r5-pre14
v6r5-pre15
v6r5-pre2
v6r5-pre3
v6r5-pre4
v6r5-pre5
v6r5-pre6
v6r5-pre7
v6r5-pre8
v6r5-pre9
v6r5p1
v6r5p10
v6r5p11
v6r5p12
v6r5p13
v6r5p14
v6r5p2
v6r5p3
v6r5p4
v6r5p5
v6r5p6
v6r5p7
v6r5p8
v6r5p9
v6r6
v6r6-pre1
v6r6-pre10
v6r6-pre11
v6r6-pre12
v6r6-pre13
v6r6-pre14
v6r6-pre2
v6r6-pre3
v6r6-pre6
v6r6-pre7
v6r6-pre8
v6r6-pre9
v6r6p1
v6r6p10
v6r6p11
v6r6p12
v6r6p13
v6r6p14
v6r6p15
v6r6p16
v6r6p17
v6r6p18
v6r6p19
v6r6p2
v6r6p20
v6r6p21
v6r6p3
v6r6p4
v6r6p5
v6r6p6
v6r6p7
v6r6p8
v6r6p9
v6r7
v6r7-pre1
v6r7-pre10
v6r7-pre11
v6r7-pre12
v6r7-pre2
v6r7-pre3
v6r7-pre4
v6r7-pre5
v6r7-pre6
v6r7-pre7
v6r7-pre8
v6r7-pre9
v6r7p1
v6r7p10
v6r7p11
v6r7p12
v6r7p13
v6r7p14
v6r7p15
v6r7p16
v6r7p17
v6r7p18
v6r7p19
v6r7p2
v6r7p20
v6r7p21
v6r7p22
v6r7p23
v6r7p24
v6r7p25
v6r7p26
v6r7p27
v6r7p28
v6r7p29
v6r7p3
v6r7p30
v6r7p31
v6r7p32
v6r7p33
v6r7p34
v6r7p35
v6r7p36
v6r7p37
v6r7p38
v6r7p39
v6r7p4
v6r7p40
v6r7p5
v6r7p6
v6r7p7
v6r7p8
v6r7p9
v6r8
v6r8p1
v6r8p10
v6r8p11
v6r8p13
v6r8p14
v6r8p15
v6r8p16
v6r8p17
v6r8p18
v6r8p19
v6r8p2
v6r8p20
v6r8p21
v6r8p22
v6r8p23
v6r8p24
v6r8p25
v6r8p26
v6r8p27
v6r8p28
v6r8p3
v6r8p5
v6r8p6
v6r8p7
v6r8p8
v6r8p9
v6r9
v6r9p1
v6r9p10
v6r9p11
v6r9p12
v6r9p13
v6r9p14
v6r9p15
v6r9p16
v6r9p17
v6r9p18
v6r9p19
v6r9p2
v6r9p20
v6r9p21
v6r9p22
v6r9p23
v6r9p24
v6r9p25
v6r9p26
v6r9p27
v6r9p28
v6r9p29
v6r9p3
v6r9p30
v6r9p31
v6r9p32
v6r9p33
v6r9p4
v6r9p5
v6r9p6
v6r9p7
v6r9p8
v6r9p9
v7r0
v7r0p1
v7r0p10
v7r0p11
v7r0p12
v7r0p13
v7r0p14
v7r0p15
v7r0p16
v7r0p17
v7r0p18
v7r0p19
v7r0p2
v7r0p20
v7r0p21
v7r0p22
v7r0p23
v7r0p24
v7r0p25
v7r0p26
v7r0p27
v7r0p28
v7r0p29
v7r0p3
v7r0p30
v7r0p31
v7r0p32
v7r0p33
v7r0p34
v7r0p35
v7r0p36
v7r0p37
v7r0p38
v7r0p39
v7r0p4
v7r0p40
v7r0p41
v7r0p42
v7r0p43
v7r0p44
v7r0p45
v7r0p46
v7r0p47
v7r0p48
v7r0p49
v7r0p5
v7r0p50
v7r0p51
v7r0p52
v7r0p53
v7r0p54
v7r0p55
v7r0p56
v7r0p57
v7r0p6
v7r0p7
v7r0p8
v7r0p9
v7r1
v7r1p1
v7r1p10
v7r1p11
v7r1p12
v7r1p13
v7r1p14
v7r1p15
v7r1p16
v7r1p17
v7r1p18
v7r1p19
v7r1p2
v7r1p20
v7r1p21
v7r1p22
v7r1p23
v7r1p24
v7r1p25
v7r1p26
v7r1p27
v7r1p28
v7r1p29
v7r1p3
v7r1p30
v7r1p31
v7r1p32
v7r1p33
v7r1p34
v7r1p35
v7r1p36
v7r1p37
v7r1p38
v7r1p39
v7r1p4
v7r1p40
v7r1p41
v7r1p42
v7r1p43
v7r1p44
v7r1p45
v7r1p46
v7r1p47
v7r1p5
v7r1p6
v7r1p7
v7r1p8
v7r1p9
v7r2
v7r2-pre10
v7r2-pre11
v7r2-pre12
v7r2-pre13
v7r2-pre14
v7r2-pre15
v7r2-pre16
v7r2-pre17
v7r2-pre18
v7r2-pre19
v7r2-pre20
v7r2-pre21
v7r2-pre22
v7r2-pre23
v7r2-pre24
v7r2-pre25
v7r2-pre26
v7r2-pre27
v7r2-pre28
v7r2-pre29
v7r2-pre30
v7r2-pre31
v7r2-pre32
v7r2-pre33
v7r2-pre34
v7r2-pre35
v7r2-pre36
v7r2-pre37
v7r2-pre38
v7r2-pre39
v7r2-pre8
v7r2-pre9
v7r2p1
v7r2p10
v7r2p11
v7r2p12
v7r2p13
v7r2p14
v7r2p15
v7r2p16
v7r2p17
v7r2p18
v7r2p19
v7r2p2
v7r2p20
v7r2p21
v7r2p22
v7r2p23
v7r2p24
v7r2p25
v7r2p26
v7r2p27
v7r2p28
v7r2p3
v7r2p4
v7r2p5
v7r2p6
v7r2p7
v7r2p8
v7r2p9
v7r3
v7r3-pre1
v7r3-pre10
v7r3-pre11
v7r3-pre12
v7r3-pre13
v7r3-pre14
v7r3-pre15
v7r3-pre16
v7r3-pre17
v7r3-pre18
v7r3-pre19
v7r3-pre2
v7r3-pre20
v7r3-pre21
v7r3-pre22
v7r3-pre23
v7r3-pre24
v7r3-pre3
v7r3-pre4
v7r3-pre5
v7r3-pre6
v7r3-pre7
v7r3-pre8
v7r3-pre9
v7r3p1
v7r3p2
v7r3p3
v7r3p4
v7r4-pre1
v8r0
v8r0-pre1
v8r0-pre2
v8r0-pre3
v8r0-pre4

v7.*

v7.2.0
v7.2.0a32
v7.2.0a33
v7.2.0a34
v7.2.0a35
v7.2.0a36
v7.2.0a37
v7.2.0a38
v7.2.0a39
v7.2.1
v7.2.10
v7.2.12
v7.2.13
v7.2.14
v7.2.15
v7.2.16
v7.2.19
v7.2.2
v7.2.20
v7.2.21
v7.2.22
v7.2.23
v7.2.24
v7.2.25
v7.2.26
v7.2.27
v7.2.28
v7.2.3
v7.2.4
v7.2.5
v7.2.6
v7.2.7
v7.2.8
v7.2.9
v7.2a31
v7.3.0
v7.3.0a10
v7.3.0a11
v7.3.0a13
v7.3.0a14
v7.3.0a15
v7.3.0a16
v7.3.0a17
v7.3.0a18
v7.3.0a19
v7.3.0a2
v7.3.0a20
v7.3.0a21
v7.3.0a22
v7.3.0a23
v7.3.0a24
v7.3.0a3
v7.3.0a4
v7.3.0a5
v7.3.0a6
v7.3.0a7
v7.3.0a8
v7.3.0a9
v7.3.1
v7.3.2
v7.3.3
v7.3.4
v7.4.0a1

v8.*

v8.0.0
v8.0.0.a18
v8.0.0a10
v8.0.0a11
v8.0.0a12
v8.0.0a13
v8.0.0a14
v8.0.0a15
v8.0.0a16
v8.0.0a17
v8.0.0a19
v8.0.0a20
v8.0.0a21
v8.0.0a22
v8.0.0a23
v8.0.0a24
v8.0.0a25
v8.0.0a26
v8.0.0a27
v8.0.0a28
v8.0.0a29
v8.0.0a7
v8.0.0a8
v8.0.0a9
v8.0.1
v8.0.10
v8.0.11
v8.0.12
v8.0.13
v8.0.14
v8.0.15
v8.0.16
v8.0.17
v8.0.18
v8.0.19
v8.0.2
v8.0.20
v8.0.21
v8.0.22
v8.0.23
v8.0.24
v8.0.25
v8.0.26
v8.0.27
v8.0.28
v8.0.29
v8.0.3
v8.0.30
v8.0.31
v8.0.32
v8.0.33
v8.0.34
v8.0.35
v8.0.36
v8.0.37
v8.0.38
v8.0.39
v8.0.4
v8.0.40
v8.0.5
v8.0.6
v8.0.7
v8.0.8
v8.0.9