USN-6746-1
- Source
- https://ubuntu.com/security/notices/USN-6746-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6746-1.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/USN-6746-1
- Upstream
- Related
- Published
- 2024-04-23T11:38:08.767186Z
- Modified
- 2025-10-13T04:36:56Z
- Summary
- google-guest-agent, google-osconfig-agent vulnerability
- Details
-
It was discovered that Google Guest Agent and Google OS Config Agent incorrectly handled certain JSON files. An attacker could possibly use this issue to cause a denial of service.
- References
Affected packages
Ubuntu:22.04:LTS / google-guest-agent
Package
- Name
- google-guest-agent
- Purl
- pkg:deb/ubuntu/google-guest-agent@20231004.02-0ubuntu1~22.04.4?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20231004.02-0ubuntu1~22.04.4
Affected versions
20210629.*
20210629.00-0ubuntu1
20210629.00-0ubuntu2
20220104.*
20220104.00-0ubuntu1
20220104.00-0ubuntu2
20220622.*
20220622.00-0ubuntu2~22.04.0
20220622.00-0ubuntu2~22.04.1
20230426.*
20230426.00-0ubuntu2~22.04.0
20231004.*
20231004.02-0ubuntu1~22.04.1
20231004.02-0ubuntu1~22.04.2
20231004.02-0ubuntu1~22.04.3
Ecosystem specific
{
"binaries": [
{
"binary_name": "google-guest-agent",
"binary_version": "20231004.02-0ubuntu1~22.04.4"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2024-24786"
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6746-1.json"
Ubuntu:22.04:LTS / google-osconfig-agent
Package
- Name
- google-osconfig-agent
- Purl
- pkg:deb/ubuntu/google-osconfig-agent@20230504.00-0ubuntu1~22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed20230504.00-0ubuntu1~22.04.1
Affected versions
20210608.*
20210608.1-0ubuntu1
20210608.1-0ubuntu2
20210608.1-0ubuntu3
20220824.*
20220824.00-0ubuntu1~22.04.1
20220824.00-0ubuntu1~22.04.2
20230504.*
20230504.00-0ubuntu1~22.04.0
Ecosystem specific
{
"binaries": [
{
"binary_name": "google-osconfig-agent",
"binary_version": "20230504.00-0ubuntu1~22.04.1"
}
],
"availability": "No subscription required"
}
Database specific
cves_map
{
"cves": [
{
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
},
{
"score": "medium",
"type": "Ubuntu"
}
],
"id": "CVE-2024-24786"
}
],
"ecosystem": "Ubuntu:22.04:LTS"
}
source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-6746-1.json"