Lucene search
Ubuntu.comUB:CVE-2024-2494HistoryMar 20, 2024 - 12:00 a.m.
CVE-2024-2494
2024-03-2000:00:00
ubuntu.com
ubuntu.com
8
libvirt
rpc
denial of service
A flaw was found in the RPC library APIs of libvirt. The RPC server
deserialization code allocates memory for arrays before the non-negative
length check is performed by the C API entry points. Passing a negative
length to the g_new0 function results in a crash due to the negative length
being treated as a huge positive number. This flaw allows a local,
unprivileged user to perform a denial of service attack by causing the
libvirt daemon to crash.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 18.04 | noarch | libvirt | < any | UNKNOWN |
| ubuntu | 20.04 | noarch | libvirt | < 6.0.0-0ubuntu8.19 | UNKNOWN |
| ubuntu | 22.04 | noarch | libvirt | < 8.0.0-1ubuntu7.10 | UNKNOWN |
| ubuntu | 23.10 | noarch | libvirt | < 9.6.0-1ubuntu1.1 | UNKNOWN |
| ubuntu | 24.04 | noarch | libvirt | < 10.0.0-2ubuntu8.1 | UNKNOWN |
| ubuntu | 14.04 | noarch | libvirt | < any | UNKNOWN |
| ubuntu | 16.04 | noarch | libvirt | < any | UNKNOWN |
Related
nessus
nessus
SUSE SLES12 Security Update : libvirt (SUSE-SU-2024:1083-1)
2024-04-03 00:00:00
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2024:3253)
2024-05-23 00:00:00
SUSE SLES15 Security Update : libvirt (SUSE-SU-2024:1078-1)
2024-04-02 00:00:00
cvelist
cvelist
openvas
openvas
openSUSE: Security Advisory for libvirt (SUSE-SU-2024:1100-1)
2024-04-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1100-1)
2024-05-07 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:1083-1)
2024-05-07 00:00:00
redhatcve
redhatcve
CVE-2024-2494
2024-03-21 09:31:39
debiancve
debiancve
CVE-2024-2494
2024-03-21 14:15:10
oraclelinux
oraclelinux
virt:ol and virt-devel:rhel security update
2024-05-30 00:00:00
libvirt security and bug fix update
2024-05-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2024-04-02 07:17:04
cve
cve
CVE-2024-2494
2024-03-21 14:15:10
redhat
redhat
(RHSA-2024:3253) Moderate: virt:rhel and virt-devel:rhel security update
2024-05-22 10:41:20
(RHSA-2024:2560) Moderate: libvirt security and bug fix update
2024-04-30 11:38:52
cbl_mariner
cbl_mariner
CVE-2024-2494 affecting package libvirt for versions less than 7.10.0-9
2024-04-30 01:31:53
mageia
mageia
Updated libvirt packages fix security vulnerability
2024-04-07 01:16:44
redos
redos
ROS-20240423-02
2024-04-23 00:00:00
osv
osv
Moderate: libvirt security and bug fix update
2024-04-30 00:00:00
libvirt vulnerabilities
2024-04-29 11:43:27
Moderate: libvirt security and bug fix update
2024-05-10 14:32:38
ubuntu
ubuntu
libvirt vulnerabilities
2024-04-29 00:00:00
libvirt vulnerabilities
2024-04-15 00:00:00
almalinux
almalinux
Moderate: libvirt security and bug fix update
2024-04-30 00:00:00
rocky
rocky
libvirt security and bug fix update
2024-05-10 14:32:38
amazon
amazon
Medium: libvirt
2024-04-11 01:07:00
debian
debian
[SECURITY] [DLA 3778-1] libvirt security update
2024-04-01 12:19:36