CVE-2024-27101 (GCVE-0-2024-27101)
Vulnerability from cvelistv5
Published
2024-03-01 21:01
Modified
2025-04-16 20:46
Severity ?
7.3 (High) - CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H
CWE
  • CWE-190 - Integer Overflow or Wraparound
Summary
SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic. Any SpiceDB cluster with any schema where a resource being checked has more than 65535 relationships for the same resource and subject type is affected by this problem. The CheckPermission, BulkCheckPermission, and LookupSubjects API methods are affected. This vulnerability is fixed in 1.29.2.
References
Impacted products
Vendor Product Version
authzed spicedb Version: < 1.29.2
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-27101",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-03-06T15:27:55.622555Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-16T20:46:45.603Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T00:27:59.368Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p",
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p"
          },
          {
            "name": "https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe",
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "spicedb",
          "vendor": "authzed",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.29.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic.  Any SpiceDB cluster with any schema where a resource being checked has more than 65535 relationships for the same resource and subject type is affected by this problem.  The CheckPermission, BulkCheckPermission, and LookupSubjects API methods are affected. This vulnerability is fixed in 1.29.2."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "CWE-190: Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-03-01T21:01:39.049Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p"
        },
        {
          "name": "https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe"
        }
      ],
      "source": {
        "advisory": "GHSA-h3m7-rqc4-7h9p",
        "discovery": "UNKNOWN"
      },
      "title": "Integer overflow in chunking helper causes dispatching to miss elements or panic"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2024-27101",
    "datePublished": "2024-03-01T21:01:39.049Z",
    "dateReserved": "2024-02-19T14:43:05.994Z",
    "dateUpdated": "2025-04-16T20:46:45.603Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p\", \"name\": \"https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe\", \"name\": \"https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T00:27:59.368Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-27101\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-03-06T15:27:55.622555Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-23T19:01:11.679Z\"}}], \"cna\": {\"title\": \"Integer overflow in chunking helper causes dispatching to miss elements or panic\", \"source\": {\"advisory\": \"GHSA-h3m7-rqc4-7h9p\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 7.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"authzed\", \"product\": \"spicedb\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 1.29.2\"}]}], \"references\": [{\"url\": \"https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p\", \"name\": \"https://github.com/authzed/spicedb/security/advisories/GHSA-h3m7-rqc4-7h9p\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe\", \"name\": \"https://github.com/authzed/spicedb/commit/ef443c442b96909694390324a99849b0407007fe\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"SpiceDB is an open source, Google Zanzibar-inspired database for creating and managing security-critical application permissions. Integer overflow in chunking helper causes dispatching to miss elements or panic.  Any SpiceDB cluster with any schema where a resource being checked has more than 65535 relationships for the same resource and subject type is affected by this problem.  The CheckPermission, BulkCheckPermission, and LookupSubjects API methods are affected. This vulnerability is fixed in 1.29.2.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-190\", \"description\": \"CWE-190: Integer Overflow or Wraparound\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2024-03-01T21:01:39.049Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-27101\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-04-16T20:46:45.603Z\", \"dateReserved\": \"2024-02-19T14:43:05.994Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2024-03-01T21:01:39.049Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.