CVE-2024-8235

🗓️ 30 Aug 2024 16:16:57Reported by redhatType

A flaw in libvirt allowing clients to crash virtinterfaced daemo

Reporter	Title	Published	Views	Family All 39
AlpineLinux	CVE-2024-8235	30 Aug 202416:16	–	alpinelinux
AlmaLinux	Moderate: libvirt security update	12 Nov 202400:00	–	almalinux
AstraLinux	Astra Linux - уязвимость в libvirt	3 May 202623:59	–	astralinux
Circl	CVE-2024-8235	30 Aug 202419:49	–	circl
CNNVD	libvirt 代码问题漏洞	29 Aug 202400:00	–	cnnvd
Cvelist	CVE-2024-8235 Libvirt: crash of virtinterfaced via virconnectlistinterfaces()	30 Aug 202416:16	–	cvelist
Debian CVE	CVE-2024-8235	30 Aug 202416:16	–	debiancve
Oracle linux	libvirt security update	14 Nov 202400:00	–	oraclelinux
EUVD	EUVD-2024-49040	3 Oct 202520:07	–	euvd
Tenable Nessus	MiracleLinux 9 : libvirt-10.5.0-7.el9.ML.1 (AXSA:2024-9096:07)	20 Jan 202600:00	–	nessus

NVD

Node

redhat libvirtRange10.4.0–10.7.0

AND

redhat enterprise_linuxMatch9.0

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "10.4.0",
        "lessThan": "10.7.0",
        "versionType": "semver"
      }
    ],
    "packageName": "libvirt",
    "collectionURL": "https://gitlab.com/libvirt/libvirt",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:10.5.0-7.el9_5",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/a:redhat:enterprise_linux:9::crb"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 6",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:6"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "libvirt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "virt:rhel/libvirt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "virt:av/libvirt",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:advanced_virtualization:8::el8"
    ]
  }
]

Source	Link
access	www.access.redhat.com/security/cve/CVE-2024-8235
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
lists	www.lists.libvirt.org/archives/list/[email protected]/thread/X6WOVCL6QF3FQRFIIXL736RFZVSUWLWJ/
access	www.access.redhat.com/errata/RHSA-2024:9128
security	www.security.netapp.com/advisory/ntap-20240920-0006/

08 Nov 2025 07:13Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.16.2

EPSS0.00077

SSVC

CWE-476