rpm package
almalinux/libvirt-client-qemu
pkg:rpm/almalinux/libvirt-client-qemu
Vulnerabilities (7)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-8235 | — | < 10.5.0-7.el9_5.alma.1 | 10.5.0-7.el9_5.alma.1 | Aug 30, 2024 | A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash | ||
| CVE-2024-4418 | Med | 6.2 | < 10.0.0-6.6.el9_4.alma.1 | 10.0.0-6.6.el9_4.alma.1 | May 8, 2024 | A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while | |
| CVE-2024-2494 | Med | 6.2 | < 10.0.0-6.2.el9_4.alma.1 | 10.0.0-6.2.el9_4.alma.1 | Mar 21, 2024 | A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ | |
| CVE-2024-2496 | — | < 10.0.0-6.el9_4.alma.1 | 10.0.0-6.el9_4.alma.1 | Mar 18, 2024 | A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perfo | ||
| CVE-2024-1441 | Med | 5.5 | < 10.0.0-6.2.el9_4.alma.1 | 10.0.0-6.2.el9_4.alma.1 | Mar 11, 2024 | An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to | |
| CVE-2023-3750 | — | < 9.5.0-7.el9_3.alma.1 | 9.5.0-7.el9_3.alma.1 | Jul 24, 2023 | A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read- | ||
| CVE-2023-2700 | — | < 9.0.0-10.2.el9_2 | 9.0.0-10.2.el9_2 | May 15, 2023 | A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. |
- CVE-2024-8235Aug 30, 2024affected < 10.5.0-7.el9_5.alma.1fixed 10.5.0-7.el9_5.alma.1
A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case would lead to a NULL-pointer dereference and subsequent crash
- affected < 10.0.0-6.6.el9_4.alma.1fixed 10.0.0-6.6.el9_4.alma.1
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while
- affected < 10.0.0-6.2.el9_4.alma.1fixed 10.0.0-6.2.el9_4.alma.1
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ
- CVE-2024-2496Mar 18, 2024affected < 10.0.0-6.el9_4.alma.1fixed 10.0.0-6.el9_4.alma.1
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perfo
- affected < 10.0.0-6.2.el9_4.alma.1fixed 10.0.0-6.2.el9_4.alma.1
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to
- CVE-2023-3750Jul 24, 2023affected < 9.5.0-7.el9_3.alma.1fixed 9.5.0-7.el9_3.alma.1
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-
- CVE-2023-2700May 15, 2023affected < 9.0.0-10.2.el9_2fixed 9.0.0-10.2.el9_2
A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.