CVE-2024-2494

EPSS 0.03%
Published 21.03.2024 14:15:10
Last modified 21.11.2024 09:09:52
Source secalert@redhat.com
Teams watchlist Login
Open Login

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.

Affected products Warnungen 0 Metrics 2 CWE 1 References 10

Verknüpft mit AI von unstrukturierten Daten zu bestehenden CPE der NVD

This information is available to logged-in users.

Daten sind bereitgestellt durch das CVE Programm von einer CVE Numbering Authority (CNA) (Unstrukturiert).

Collection URLhttps://gitlab.com/libvirt/libvirt/

≫

Package libvirt

Default Statusunaffected

Version < 9.7.0

Version 9.0.0

Status affected

VendorRed Hat

≫

Product Red Hat Enterprise Linux 8

Default Statusaffected

Version < *

Version 8100020240409073027.489197e6

Status unaffected

VendorRed Hat

≫

Product Red Hat Enterprise Linux 8

Default Statusaffected

Version < *

Version 8100020240409073027.489197e6

Status unaffected

VendorRed Hat

≫

Product Red Hat Enterprise Linux 9

Default Statusaffected

Version < *

Version 0:10.0.0-6.2.el9_4

Status unaffected

VendorRed Hat

≫

Product Red Hat Enterprise Linux 6

Default Statusunknown

VendorRed Hat

≫

Product Red Hat Enterprise Linux 7

Default Statusunknown

VendorRed Hat

≫

Product Red Hat Enterprise Linux 8 Advanced Virtualization

Default Statusaffected

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.03%	0.08

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
secalert@redhat.com	6.2	2.5	3.6	CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-789 Memory Allocation with Excessive Size Value

The product allocates memory based on an untrusted, large size value, but it does not ensure that the size is within expected limits, allowing arbitrary amounts of memory to be allocated.

https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html

https://access.redhat.com/errata/RHSA-2024:2560

https://access.redhat.com/errata/RHSA-2024:3253

https://access.redhat.com/security/cve/CVE-2024-2494

https://bugzilla.redhat.com/show_bug.cgi?id=2270115

https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/

https://security.netapp.com/advisory/ntap-20240517-0009/

https://nvd.nist.gov/vuln/detail/CVE-2024-2494

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2024-2494

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2024-2494

EUVD