Vulnerability CVE-2024-2494: Information

Description

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.

URL: https://nvd.nist.gov/vuln/detail/CVE-2024-2494
Published: March 21, 2024
Modified: April 30, 2024
Error type identifier: CWE-789

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
libvirtsisyphus9.8.0-alt510.2.0-alt1ALT-PU-2024-4299-2343222Fixed
libvirtsisyphus_riscv649.8.0-alt510.2.0-alt1ALT-PU-2024-4413-1-Fixed
libvirtsisyphus_loongarch649.8.0-alt510.2.0-alt1ALT-PU-2024-4365-1-Fixed
libvirtp109.7.0-alt2.p10.29.7.0-alt2.p10.2ALT-PU-2024-4301-3343223Fixed
libvirtp97.3.0-alt0.p9.37.3.0-alt0.p9.3ALT-PU-2024-4683-3343814Fixed
libvirtc10f19.7.0-alt2.p10.29.7.0-alt2.p10.2ALT-PU-2024-4681-2343808Fixed
libvirtc9f27.3.0-alt0.p9.37.3.0-alt0.p9.3ALT-PU-2024-4685-3343815Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://access.redhat.com/security/cve/CVE-2024-2494
    RHBZ#2270115
      https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/
        https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
          RHSA-2024:2560
            VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
            Version: v24.5.0
            Back to top