A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
Fixes

Solution

No solution given by the vendor.


Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

History

Wed, 09 Apr 2025 16:00:00 +0000

Type Values Removed Values Added
First Time appeared Debian
Debian debian Linux
Redhat libvirt
CPEs cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:advanced_virtualization:*:*:*
cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*
Vendors & Products Debian
Debian debian Linux
Redhat libvirt

Fri, 22 Nov 2024 12:00:00 +0000

Type Values Removed Values Added
References

Wed, 06 Nov 2024 15:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-09-26T06:28:49.484Z

Reserved: 2024-03-15T09:41:53.324Z

Link: CVE-2024-2496

cve-icon Vulnrichment

Updated: 2024-08-01T19:18:46.476Z

cve-icon NVD

Status : Analyzed

Published: 2024-03-18T13:15:08.207

Modified: 2025-04-09T15:36:43.337

Link: CVE-2024-2496

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-02-26T00:00:00Z

Links: CVE-2024-2496 - Bugzilla

cve-icon OpenCVE Enrichment

No data.