(RHSA-2024:2236) Moderate: libvirt security update

2024-04-3006:15:07

access.redhat.com

libvirt library

virtualization

remote management

null pointer dereference

cve-2024-2496

red hat enterprise linux 9.4

5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

6.7 Medium

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

15.5%

JSON

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

Security Fix(es):

libvirt: NULL pointer dereference in udevConnectListAllInterfaces() (CVE-2024-2496)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.

OSVersionArchitecturePackageVersionFilename
RedHat9x86_64libvirt-daemon-driver-storage-rbd-debuginfo< 10.0.0-6.el9_4libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-6.el9_4.x86_64.rpm
RedHat9ppc64lelibvirt-daemon-driver-storage-rbd-debuginfo< 10.0.0-6.el9_4libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-6.el9_4.ppc64le.rpm
RedHat9x86_64libvirt-daemon-driver-storage-mpath< 10.0.0-6.el9_4libvirt-daemon-driver-storage-mpath-10.0.0-6.el9_4.x86_64.rpm
RedHat9ppc64lelibvirt-daemon-common-debuginfo< 10.0.0-6.el9_4libvirt-daemon-common-debuginfo-10.0.0-6.el9_4.ppc64le.rpm
RedHat9x86_64libvirt-daemon-plugin-sanlock< 10.0.0-6.el9_4libvirt-daemon-plugin-sanlock-10.0.0-6.el9_4.x86_64.rpm
RedHat9x86_64libvirt-daemon-driver-secret-debuginfo< 10.0.0-6.el9_4libvirt-daemon-driver-secret-debuginfo-10.0.0-6.el9_4.x86_64.rpm
RedHat9ppc64lelibvirt-devel< 10.0.0-6.el9_4libvirt-devel-10.0.0-6.el9_4.ppc64le.rpm
RedHat9ppc64lelibvirt-daemon-driver-storage-logical< 10.0.0-6.el9_4libvirt-daemon-driver-storage-logical-10.0.0-6.el9_4.ppc64le.rpm
RedHat9x86_64libvirt-daemon-config-nwfilter< 10.0.0-6.el9_4libvirt-daemon-config-nwfilter-10.0.0-6.el9_4.x86_64.rpm
RedHat9ppc64lelibvirt-daemon-log< 10.0.0-6.el9_4libvirt-daemon-log-10.0.0-6.el9_4.ppc64le.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	9	x86_64	libvirt-daemon-driver-storage-rbd-debuginfo	< 10.0.0-6.el9_4	libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-6.el9_4.x86_64.rpm
RedHat	9	ppc64le	libvirt-daemon-driver-storage-rbd-debuginfo	< 10.0.0-6.el9_4	libvirt-daemon-driver-storage-rbd-debuginfo-10.0.0-6.el9_4.ppc64le.rpm
RedHat	9	x86_64	libvirt-daemon-driver-storage-mpath	< 10.0.0-6.el9_4	libvirt-daemon-driver-storage-mpath-10.0.0-6.el9_4.x86_64.rpm
RedHat	9	ppc64le	libvirt-daemon-common-debuginfo	< 10.0.0-6.el9_4	libvirt-daemon-common-debuginfo-10.0.0-6.el9_4.ppc64le.rpm
RedHat	9	x86_64	libvirt-daemon-plugin-sanlock	< 10.0.0-6.el9_4	libvirt-daemon-plugin-sanlock-10.0.0-6.el9_4.x86_64.rpm
RedHat	9	x86_64	libvirt-daemon-driver-secret-debuginfo	< 10.0.0-6.el9_4	libvirt-daemon-driver-secret-debuginfo-10.0.0-6.el9_4.x86_64.rpm
RedHat	9	ppc64le	libvirt-devel	< 10.0.0-6.el9_4	libvirt-devel-10.0.0-6.el9_4.ppc64le.rpm
RedHat	9	ppc64le	libvirt-daemon-driver-storage-logical	< 10.0.0-6.el9_4	libvirt-daemon-driver-storage-logical-10.0.0-6.el9_4.ppc64le.rpm
RedHat	9	x86_64	libvirt-daemon-config-nwfilter	< 10.0.0-6.el9_4	libvirt-daemon-config-nwfilter-10.0.0-6.el9_4.x86_64.rpm
RedHat	9	ppc64le	libvirt-daemon-log	< 10.0.0-6.el9_4	libvirt-daemon-log-10.0.0-6.el9_4.ppc64le.rpm