OpenCVE

A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable no

Technical Impact total

Vendors	Products
Redhat	Advanced Virtualization Container Native Virtualization Enterprise Linux Rhel Aus Rhel E4s Rhel Eus Rhel Tus

No data.

Package	CPE	Advisory	Released Date
Advanced Virtualization for RHEL 8.2.1
virt:8.2-8020120240708124623.863bb0db	cpe:/a:redhat:advanced_virtualization:8.2::el8	RHSA-2024:4727	2024-07-23T00:00:00Z
Advanced Virtualization for RHEL 8.4.0.EUS
virt:av-8040020240708093550.522a0ee4	cpe:/a:redhat:advanced_virtualization:8.4::el8	RHSA-2024:4724	2024-07-23T00:00:00Z
virt-devel:av-8040020240708093550.522a0ee4	cpe:/a:redhat:advanced_virtualization:8.4::el8	RHSA-2024:4724	2024-07-23T00:00:00Z
Red Hat Enterprise Linux 8
virt-devel:rhel-8100020240704072441.489197e6	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:4420	2024-07-09T00:00:00Z
virt:rhel-8100020240704072441.489197e6	cpe:/a:redhat:enterprise_linux:8	RHSA-2024:4420	2024-07-09T00:00:00Z
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support
virt:rhel-8040020240703100448.522a0ee4	cpe:/a:redhat:rhel_aus:8.4	RHSA-2024:4374	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 8.4 Telecommunications Update Service
virt:rhel-8040020240703100448.522a0ee4	cpe:/a:redhat:rhel_tus:8.4	RHSA-2024:4374	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions
virt:rhel-8040020240703100448.522a0ee4	cpe:/a:redhat:rhel_e4s:8.4	RHSA-2024:4374	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support
virt:rhel-8060020240703092415.ad008a3a	cpe:/a:redhat:rhel_aus:8.6	RHSA-2024:4373	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 8.6 Telecommunications Update Service
virt:rhel-8060020240703092415.ad008a3a	cpe:/a:redhat:rhel_tus:8.6	RHSA-2024:4373	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions
virt:rhel-8060020240703092415.ad008a3a	cpe:/a:redhat:rhel_e4s:8.6	RHSA-2024:4373	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 8.8 Extended Update Support
virt-devel:rhel-8080020240703085245.63b34585	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:4372	2024-07-08T00:00:00Z
virt:rhel-8080020240703085245.63b34585	cpe:/a:redhat:rhel_eus:8.8	RHSA-2024:4372	2024-07-08T00:00:00Z
Red Hat Enterprise Linux 9
qemu-kvm-17:8.2.0-11.el9_4.4	cpe:/a:redhat:enterprise_linux:9	RHSA-2024:4278	2024-07-02T00:00:00Z
Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions
qemu-kvm-17:6.2.0-11.el9_0.9	cpe:/a:redhat:rhel_e4s:9.0	RHSA-2024:4276	2024-07-02T00:00:00Z
Red Hat Enterprise Linux 9.2 Extended Update Support
qemu-kvm-17:7.2.0-14.el9_2.11	cpe:/a:redhat:rhel_eus:9.2	RHSA-2024:4277	2024-07-02T00:00:00Z

References

Link	Providers
http://www.openwall.com/lists/oss-security/2024/07/23/2
https://access.redhat.com/errata/RHSA-2024:4276
https://access.redhat.com/errata/RHSA-2024:4277
https://access.redhat.com/errata/RHSA-2024:4278
https://access.redhat.com/errata/RHSA-2024:4372
https://access.redhat.com/errata/RHSA-2024:4373
https://access.redhat.com/errata/RHSA-2024:4374
https://access.redhat.com/errata/RHSA-2024:4420
https://access.redhat.com/errata/RHSA-2024:4724
https://access.redhat.com/errata/RHSA-2024:4727
https://access.redhat.com/security/cve/CVE-2024-4467
https://bugzilla.redhat.com/show_bug.cgi?id=2278875
https://nvd.nist.gov/vuln/detail/CVE-2024-4467
https://security.netapp.com/advisory/ntap-20240822-0005/
https://www.cve.org/CVERecord?id=CVE-2024-4467

History

Fri, 22 Nov 2024 12:00:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2024/07/23/2 https://security.netapp.com/advisory/ntap-20240822-0005/

Tue, 12 Nov 2024 10:15:00 +0000

Type	Values Removed	Values Added
References	http://www.openwall.com/lists/oss-security/2024/07/23/2 https://security.netapp.com/advisory/ntap-20240822-0005/
Metrics		ssvc `{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}`

Fri, 23 Aug 2024 20:30:00 +0000

Type	Values Removed	Values Added
References		https://security.netapp.com/advisory/ntap-20240822-0005/

Tue, 13 Aug 2024 10:45:00 +0000

Type	Values Removed	Values Added
Title	Qemu: 'qemu-img info' leads to host file read/write	Qemu-kvm: 'qemu-img info' leads to host file read/write

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-07-02T15:57:23.648Z

Updated: 2024-11-13T14:26:07.158Z

Reserved: 2024-05-03T09:44:14.000Z

Link: CVE-2024-4467

Vulnrichment

Updated: 2024-08-22T18:03:16.787Z

NVD

Status : Awaiting Analysis

Published: 2024-07-02T16:15:05.423

Modified: 2024-11-21T09:42:52.947

Link: CVE-2024-4467

Redhat

Severity : Important

Publid Date: 2024-07-02T15:00:00Z

Links: CVE-2024-4467 - Bugzilla

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Exploitation none

Automatable no

Technical Impact total

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object