7.5

CVE-2024-7409

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

Data is provided by the CVE Program from a CVE Numbering Authority (CNA) (unstructured).
Collection URL https://github.com/qemu/qemu
Package qemu
Default Status unknown
Version 7.2.0
Status unaffected
Version 8.2.0
Status unaffected
Version 9.0.0
Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 8
Default Status affected
Version < *
Version 8100020240905091210.489197e6
Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 8
Default Status affected
Version < *
Version 8100020240905091210.489197e6
Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 9
Default Status affected
Version < *
Version 17:9.0.0-10.el9_5
Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 9.2 Extended Update Support
Default Status affected
Version < *
Version 17:7.2.0-14.el9_2.14
Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 9.4 Extended Update Support
Default Status affected
Version < *
Version 17:8.2.0-11.el9_4.8
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.13
Default Status affected
Version < *
Version 413.92.202411212100-0
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.13
Default Status affected
Version < *
Version 413.92.202409180051-0
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.14
Default Status affected
Version < *
Version 414.92.202411130444-0
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.15
Default Status affected
Version < *
Version 415.92.202409162258-0
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.15
Default Status affected
Version < *
Version 415.92.202411050056-0
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.16
Default Status affected
Version < *
Version 416.94.202411261619-0
Status unaffected
Vendor Red Hat
Product Red Hat OpenShift Container Platform 4.17
Default Status affected
Version < *
Version 417.94.202411261220-0
Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 10
Default Status unaffected
Vendor Red Hat
Product Red Hat Enterprise Linux 6
Default Status unknown
Vendor Red Hat
Product Red Hat Enterprise Linux 7
Default Status unknown
Vendor Red Hat
Product Red Hat Enterprise Linux 7
Default Status unknown
Vendor Red Hat
Product Red Hat Enterprise Linux 8 Advanced Virtualization
Default Status affected
Vendor Red Hat
Product Red Hat Enterprise Linux 8 Advanced Virtualization
Default Status affected
Vendor Red Hat
Product Red Hat Enterprise Linux 8 Advanced Virtualization
Default Status affected
Vendor Red Hat
Product Red Hat Enterprise Linux 8 Advanced Virtualization
Default Status affected
No CISA KEV entry or CERT.AT warning was found for this CVE.
EPSS Metrics
Type Source Score Percentile
EPSS FIRST.org 1.71% 0.817
CVSS Metrics
Source Base Score Exploit Score Impact Score Vector string
secalert@redhat.com 7.5 3.9 3.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CWE-662 Improper Synchronization

The product utilizes multiple threads or processes to allow temporary access to a shared resource that can only be exclusive to one process at a time, but it does not properly synchronize these actions, which might cause simultaneous accesses of this resource by multiple threads or processes.