VYPR
Unrated severityOSV Advisory· Published Aug 30, 2024· Updated Nov 8, 2025

Libvirt: crash of virtinterfaced via virconnectlistinterfaces()

CVE-2024-8235

Description

A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash of virtinterfaced. This issue could allow clients connecting to the read-only socket to crash the virtinterfaced daemon.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

35

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.