Red Hat: CVE-2024-2496: libvirt: NULL pointer dereference in udevConnectListAllInterfaces() (Multiple Advisories)

Red Hat: CVE-2024-2496: libvirt: NULL pointer dereference in udevConnectListAllInterfaces() (Multiple Advisories)

Severity

5

CVSS

(AV:L/AC:L/Au:S/C:N/I:N/A:C)

Published

03/18/2024

Created

05/01/2024

Added

05/01/2024

Modified

09/03/2024

Description

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.

Solution(s)

• redhat-upgrade-libvirt
• redhat-upgrade-libvirt-client
• redhat-upgrade-libvirt-client-debuginfo
• redhat-upgrade-libvirt-client-qemu
• redhat-upgrade-libvirt-daemon
• redhat-upgrade-libvirt-daemon-common
• redhat-upgrade-libvirt-daemon-common-debuginfo
• redhat-upgrade-libvirt-daemon-config-network
• redhat-upgrade-libvirt-daemon-config-nwfilter
• redhat-upgrade-libvirt-daemon-debuginfo
• redhat-upgrade-libvirt-daemon-driver-interface
• redhat-upgrade-libvirt-daemon-driver-interface-debuginfo
• redhat-upgrade-libvirt-daemon-driver-network
• redhat-upgrade-libvirt-daemon-driver-network-debuginfo
• redhat-upgrade-libvirt-daemon-driver-nodedev
• redhat-upgrade-libvirt-daemon-driver-nodedev-debuginfo
• redhat-upgrade-libvirt-daemon-driver-nwfilter
• redhat-upgrade-libvirt-daemon-driver-nwfilter-debuginfo
• redhat-upgrade-libvirt-daemon-driver-qemu
• redhat-upgrade-libvirt-daemon-driver-qemu-debuginfo
• redhat-upgrade-libvirt-daemon-driver-secret
• redhat-upgrade-libvirt-daemon-driver-secret-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage
• redhat-upgrade-libvirt-daemon-driver-storage-core
• redhat-upgrade-libvirt-daemon-driver-storage-core-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage-disk
• redhat-upgrade-libvirt-daemon-driver-storage-disk-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage-iscsi
• redhat-upgrade-libvirt-daemon-driver-storage-iscsi-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage-logical
• redhat-upgrade-libvirt-daemon-driver-storage-logical-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage-mpath
• redhat-upgrade-libvirt-daemon-driver-storage-mpath-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage-rbd
• redhat-upgrade-libvirt-daemon-driver-storage-rbd-debuginfo
• redhat-upgrade-libvirt-daemon-driver-storage-scsi
• redhat-upgrade-libvirt-daemon-driver-storage-scsi-debuginfo
• redhat-upgrade-libvirt-daemon-kvm
• redhat-upgrade-libvirt-daemon-lock
• redhat-upgrade-libvirt-daemon-lock-debuginfo
• redhat-upgrade-libvirt-daemon-log
• redhat-upgrade-libvirt-daemon-log-debuginfo
• redhat-upgrade-libvirt-daemon-plugin-lockd
• redhat-upgrade-libvirt-daemon-plugin-lockd-debuginfo
• redhat-upgrade-libvirt-daemon-plugin-sanlock
• redhat-upgrade-libvirt-daemon-plugin-sanlock-debuginfo
• redhat-upgrade-libvirt-daemon-proxy
• redhat-upgrade-libvirt-daemon-proxy-debuginfo
• redhat-upgrade-libvirt-debuginfo
• redhat-upgrade-libvirt-debugsource
• redhat-upgrade-libvirt-devel
• redhat-upgrade-libvirt-docs
• redhat-upgrade-libvirt-libs
• redhat-upgrade-libvirt-libs-debuginfo
• redhat-upgrade-libvirt-nss
• redhat-upgrade-libvirt-nss-debuginfo
• redhat-upgrade-libvirt-wireshark-debuginfo

References

• CVE-2024-2496
• RHSA-2024:2236