From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: CVE-2024-43167 2. Release Date: August 7, 2024 3. Last Modified Date: August 8, 2024 4. Severity: Low 5. Description: A NULL pointer dereference flaw was discovered in the function in Unbound. When specific API functions (such as and ) are called in a particular order, the program attempts to read from a NULL pointer, resulting in a segmentation fault. This could lead to a denial of service, causing the application to terminate unexpectedly. 6. Mitigation: The currently available mitigations do not meet Red Hat Product Security standards, as they fail to satisfy requirements for usability, deployability, applicability, installation base, or stability. 7. Affected Packages and Red Hat Security Patches: - Red Hat Enterprise Linux 6 - Red Hat Enterprise Linux 7 - Red Hat Enterprise Linux 8 - Red Hat Enterprise Linux 9 - Red Hat OpenShift Container Platform 4 - Red Hat OpenStack Platform 16.2 - Red Hat OpenStack Platform 17.1 - Red Hat OpenStack Platform 18.0 - rhcos - rhaps-rhel8-tech-preview/openstack-unbound - rhaps-rhel9/openstack-unbound - openstack-unbound-container 8. CVSS v3 Score: - Base Score: 2.8 - Attack Vector: Local - Attack Complexity: Low - Privileges Required: Low - User Interaction: Required - Scope: Unchanged - Confidentiality Impact: None - Integrity Impact: None - Availability Impact: Low 9. Frequently Asked Questions: - Why does Red Hat’s CVSS v3 score or impact differ from other vendors? - My product is listed as “Under Investigation” or “Affected.” When will Red Hat release a patch to fix this vulnerability? - If my product is not listed above, is it affected? - Why does my security scanner report this vulnerability in my product, even though my product version is already patched or unaffected? - My product is listed as “End of Life.” What does this mean? This information provides a detailed description of the CVE-2024-43167 vulnerability, including affected packages, scoring, and frequently asked questions.