{"id":"UBUNTU-CVE-2024-38517","details":"Tencent RapidJSON is vulnerable to privilege escalation due to an integer underflow in the `GenericReader::ParseNumber()` function of `include/rapidjson/reader.h` when parsing JSON text from a stream. An attacker needs to send the victim a crafted file which needs to be opened; this triggers the integer underflow vulnerability (when the file is parsed), leading to elevation of privilege.","modified":"2026-01-30T02:34:41.172979Z","published":"2024-07-09T19:15:00Z","related":["USN-7125-1"],"upstream":["CVE-2024-38517"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2024-38517"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2024-38517"},{"type":"REPORT","url":"https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38517"},{"type":"REPORT","url":"https://github.com/Tencent/rapidjson/pull/1261/commits/8269bc2bc289e9d343bae51cdf6d23ef0950e001"},{"type":"REPORT","url":"https://github.com/fmalita/rapidjson/commit/8269bc2bc289e9d343bae51cdf6d23ef0950e001"},{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7125-1"}],"affected":[{"package":{"name":"rapidjson","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/rapidjson@0.12~git20141031-3ubuntu0.1~esm1?arch=source&distro=esm-apps/xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.12~git20141031-3ubuntu0.1~esm1"}]}],"versions":["0.12~git20141031-3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"0.12~git20141031-3ubuntu0.1~esm1","binary_name":"rapidjson-dev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38517.json"}},{"package":{"name":"rapidjson","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/rapidjson@1.1.0+dfsg2-3ubuntu0.1~esm1?arch=source&distro=esm-apps/bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0+dfsg2-3ubuntu0.1~esm1"}]}],"versions":["0.12~git20141031+dfsg-1","1.1.0+dfsg2-3"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1.1.0+dfsg2-3ubuntu0.1~esm1","binary_name":"rapidjson-dev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38517.json"}},{"package":{"name":"rapidjson","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/rapidjson@1.1.0+dfsg2-5ubuntu1+esm1?arch=source&distro=esm-apps/focal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0+dfsg2-5ubuntu1+esm1"}]}],"versions":["1.1.0+dfsg2-5","1.1.0+dfsg2-5ubuntu1"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1.1.0+dfsg2-5ubuntu1+esm1","binary_name":"rapidjson-dev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38517.json"}},{"package":{"name":"rapidjson","ecosystem":"Ubuntu:Pro:22.04:LTS","purl":"pkg:deb/ubuntu/rapidjson@1.1.0+dfsg2-7ubuntu0.1~esm1?arch=source&distro=esm-apps/jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0+dfsg2-7ubuntu0.1~esm1"}]}],"versions":["1.1.0+dfsg2-7"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1.1.0+dfsg2-7ubuntu0.1~esm1","binary_name":"rapidjson-dev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38517.json"}},{"package":{"name":"rapidjson","ecosystem":"Ubuntu:Pro:24.04:LTS","purl":"pkg:deb/ubuntu/rapidjson@1.1.0+dfsg2-7.2ubuntu0.1~esm1?arch=source&distro=esm-apps/noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.1.0+dfsg2-7.2ubuntu0.1~esm1"}]}],"versions":["1.1.0+dfsg2-7.1","1.1.0+dfsg2-7.2"],"ecosystem_specific":{"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro","binaries":[{"binary_version":"1.1.0+dfsg2-7.2ubuntu0.1~esm1","binary_name":"rapidjson-dev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38517.json"}},{"package":{"name":"rapidjson","ecosystem":"Ubuntu:25.10","purl":"pkg:deb/ubuntu/rapidjson@1.1.0+dfsg2-7.3ubuntu1?arch=source&distro=questing"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1.1.0+dfsg2-7.3ubuntu1"],"ecosystem_specific":{"binaries":[{"binary_version":"1.1.0+dfsg2-7.3ubuntu1","binary_name":"rapidjson-dev"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-38517.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]}