ELSA-2024-12406

Опубликовано: 03 июн. 2024

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2024-12406: libvirt security update (MODERATE)

libvirt [9.0.0-5.el9]

Fix off-by-one error in udevListInterfacesByStatus (Martin Kletzander) [Orabug: 36364464] {CVE-2024-1441}

libvirt-python [9.0.0-5.el9]

Update to libvirt 9.0.0-5 (Karl Heubaum)

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

libvirt

9.0.0-5.el9

libvirt-client

9.0.0-5.el9

libvirt-client-qemu

9.0.0-5.el9

libvirt-daemon

9.0.0-5.el9

libvirt-daemon-config-network

9.0.0-5.el9

libvirt-daemon-config-nwfilter

9.0.0-5.el9

libvirt-daemon-driver-interface

9.0.0-5.el9

libvirt-daemon-driver-network

9.0.0-5.el9

libvirt-daemon-driver-nodedev

9.0.0-5.el9

libvirt-daemon-driver-nwfilter

9.0.0-5.el9

libvirt-daemon-driver-qemu

9.0.0-5.el9

libvirt-daemon-driver-secret

9.0.0-5.el9

libvirt-daemon-driver-storage

9.0.0-5.el9

libvirt-daemon-driver-storage-core

9.0.0-5.el9

libvirt-daemon-driver-storage-disk

9.0.0-5.el9

libvirt-daemon-driver-storage-iscsi

9.0.0-5.el9

libvirt-daemon-driver-storage-logical

9.0.0-5.el9

libvirt-daemon-driver-storage-mpath

9.0.0-5.el9

libvirt-daemon-driver-storage-rbd

9.0.0-5.el9

libvirt-daemon-driver-storage-scsi

9.0.0-5.el9

libvirt-daemon-kvm

9.0.0-5.el9

libvirt-devel

9.0.0-5.el9

libvirt-docs

9.0.0-5.el9

libvirt-libs

9.0.0-5.el9

libvirt-lock-sanlock

9.0.0-5.el9

libvirt-nss

9.0.0-5.el9

libvirt-wireshark

9.0.0-5.el9

python3-libvirt

9.0.0-5.el9

Oracle Linux x86_64

libvirt

9.0.0-5.el9

libvirt-client

9.0.0-5.el9

libvirt-client-qemu

9.0.0-5.el9

libvirt-daemon

9.0.0-5.el9

libvirt-daemon-config-network

9.0.0-5.el9

libvirt-daemon-config-nwfilter

9.0.0-5.el9

libvirt-daemon-driver-interface

9.0.0-5.el9

libvirt-daemon-driver-network

9.0.0-5.el9

libvirt-daemon-driver-nodedev

9.0.0-5.el9

libvirt-daemon-driver-nwfilter

9.0.0-5.el9

libvirt-daemon-driver-qemu

9.0.0-5.el9

libvirt-daemon-driver-secret

9.0.0-5.el9

libvirt-daemon-driver-storage

9.0.0-5.el9

libvirt-daemon-driver-storage-core

9.0.0-5.el9

libvirt-daemon-driver-storage-disk

9.0.0-5.el9

libvirt-daemon-driver-storage-iscsi

9.0.0-5.el9

libvirt-daemon-driver-storage-logical

9.0.0-5.el9

libvirt-daemon-driver-storage-mpath

9.0.0-5.el9

libvirt-daemon-driver-storage-rbd

9.0.0-5.el9

libvirt-daemon-driver-storage-scsi

9.0.0-5.el9

libvirt-daemon-kvm

9.0.0-5.el9

libvirt-devel

9.0.0-5.el9

libvirt-docs

9.0.0-5.el9

libvirt-libs

9.0.0-5.el9

libvirt-lock-sanlock

9.0.0-5.el9

libvirt-nss

9.0.0-5.el9

libvirt-wireshark

9.0.0-5.el9

python3-libvirt

9.0.0-5.el9

Связанные CVE

CVE-2024-1441

Ссылки на источники

Связанные уязвимости

CVE-2024-1441

CVSS3: 5.5

ubuntu

больше 1 года назад

An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.