{"id":"CVE-2024-54129","summary":"Improper Initialization of `imc` Scheme Leading to `SIGABRT` in ION-DTN BPv7","details":"The NASA’s Interplanetary Overlay Network (ION) is an implementation of Delay/Disruption Tolerant Networking (DTN). A vulnerability exists in the version ION-DTN BPv7 implementation version 4.1.3 when receiving a bundle with an improper reference to the imc scheme with valid Service-Specific Part (SSP) in their Previous Node Block. The vulnerability can cause ION to become unresponsive. This vulnerability is fixed in 4.1.3s.","aliases":["GHSA-393w-w6jh-pq3j"],"modified":"2026-04-10T05:19:04.495909Z","published":"2024-12-05T15:13:53.901Z","database_specific":{"cwe_ids":["CWE-665"],"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/54xxx/CVE-2024-54129.json","cna_assigner":"GitHub_M"},"references":[{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2024/54xxx/CVE-2024-54129.json"},{"type":"ADVISORY","url":"https://github.com/nasa-jpl/ION-DTN/security/advisories/GHSA-393w-w6jh-pq3j"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-54129"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/nasa-jpl/ion-dtn","events":[{"introduced":"0"},{"fixed":"236eec4f84c333b2886084f4b70435cb4b8e21b8"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"4.1.3s"}]}}],"versions":["IOS-4.1.1","ion-2.1.0","ion-2.2.0","ion-2.2.1","ion-2.2.1b","ion-2.3.0","ion-2.4.0","ion-2.5.0","ion-3.0.0","ion-3.1.0","ion-3.2.0","ion-3.3.0","ion-3.4.0","ion-3.5.0","ion-3.6.0","ion-4.1.1-release","ion-open-source-4.1.1","ion-open-source-4.1.2","ion-open-source-4.1.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-54129.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H"}]}