libvirt vulnerabilities

2024-04-1500:00:00

ubuntu.com

libvirt

ubuntu

vulnerabilities

denial of service

api calls

crash

detaching

host interfaces

cve-2024-1441

cve-2024-2494

cve-2024-2496

6.2 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.4 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

26.8%

JSON

Releases

Ubuntu 23.10
Ubuntu 22.04 LTS
Ubuntu 20.04 LTS

Packages

libvirt - Libvirt virtualization toolkit

Details

Alexander Kuznetsov discovered that libvirt incorrectly handled certain API
calls. An attacker could possibly use this issue to cause libvirt to crash,
resulting in a denial of service. (CVE-2024-1441)

It was discovered that libvirt incorrectly handled certain RPC library API
calls. An attacker could possibly use this issue to cause libvirt to crash,
resulting in a denial of service. (CVE-2024-2494)

It was discovered that libvirt incorrectly handled detaching certain host
interfaces. An attacker could possibly use this issue to cause libvirt to
crash, resulting in a denial of service. (CVE-2024-2496)

OSVersionArchitecturePackageVersionFilename
Ubuntu23.10noarchlibvirt-daemon< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibnss-libvirt< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibnss-libvirt-dbgsym< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-clients< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-clients-dbgsym< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-clients-qemu< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-daemon-config-network< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-daemon-config-nwfilter< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-daemon-dbgsym< 9.6.0-1ubuntu1.1UNKNOWN
Ubuntu23.10noarchlibvirt-daemon-driver-lxc< 9.6.0-1ubuntu1.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Ubuntu	23.10	noarch	libvirt-daemon	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libnss-libvirt	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libnss-libvirt-dbgsym	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-clients	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-clients-dbgsym	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-clients-qemu	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-daemon-config-network	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-daemon-config-nwfilter	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-daemon-dbgsym	< 9.6.0-1ubuntu1.1	UNKNOWN
Ubuntu	23.10	noarch	libvirt-daemon-driver-lxc	< 9.6.0-1ubuntu1.1	UNKNOWN