Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2024-1441

Опубликовано: 11 мар. 2024
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 5.5

Описание

An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the names array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.

РелизСтатусПримечание
devel

released

10.0.0-2ubuntu8.1
esm-infra-legacy/trusty

needs-triage

esm-infra/bionic

needs-triage

esm-infra/focal

not-affected

6.0.0-0ubuntu8.19
esm-infra/xenial

needs-triage

focal

released

6.0.0-0ubuntu8.19
jammy

released

8.0.0-1ubuntu7.10
mantic

released

9.6.0-1ubuntu1.1
noble

released

10.0.0-2ubuntu8.1
oracular

released

10.0.0-2ubuntu8.1

Показывать по

EPSS

Процентиль: 21%
0.00068
Низкий

5.5 Medium

CVSS3

Связанные уязвимости

CVSS3: 5.5
redhat
больше 1 года назад

An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.

CVSS3: 5.5
nvd
больше 1 года назад

An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.

CVSS3: 5.5
msrc
около 1 года назад

Описание отсутствует

CVSS3: 5.5
debian
больше 1 года назад

An off-by-one error flaw was found in the udevListInterfacesByStatus() ...

CVSS3: 5.5
github
больше 1 года назад

An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.

EPSS

Процентиль: 21%
0.00068
Низкий

5.5 Medium

CVSS3