CVE-2024-2494

Опубликовано: 21 мар. 2024

Источник: redhat

CVSS3: 6.2

EPSS Низкий

Описание

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.

Меры по смягчению последствий

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux 6	libvirt	Out of support scope
Red Hat Enterprise Linux 7	libvirt	Out of support scope
Red Hat Enterprise Linux 8 Advanced Virtualization	virt:av/libvirt	Will not fix
Red Hat Enterprise Linux 8	virt-devel	Fixed	RHSA-2024:3253	22.05.2024
Red Hat Enterprise Linux 8	virt	Fixed	RHSA-2024:3253	22.05.2024
Red Hat Enterprise Linux 9	libvirt	Fixed	RHSA-2024:2560	30.04.2024

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-789

https://bugzilla.redhat.com/show_bug.cgi?id=2270115libvirt: negative g_new0 length can lead to unbounded memory allocation

EPSS

Процентиль: 6%

0.00027

Низкий

6.2 Medium

CVSS3

Связанные уязвимости

CVE-2024-2494

CVSS3: 6.2

ubuntu

больше 1 года назад

CVE-2024-2494

CVSS3: 6.2

nvd

больше 1 года назад

CVE-2024-2494

CVSS3: 6.2

msrc

около 1 года назад

Описание отсутствует

CVE-2024-2494

CVSS3: 6.2

debian

больше 1 года назад

A flaw was found in the RPC library APIs of libvirt. The RPC server de ...

SUSE-SU-2024:1100-1

suse-cvrf

около 1 года назад

Security update for libvirt

EPSS

Процентиль: 6%

0.00027

Низкий

6.2 Medium

CVSS3