Rapid7 Vulnerability & Exploit Database

Alma Linux: CVE-2024-4418: Low: virt:rhel and virt-devel:rhel security and bug fix update (ALSA-2024-4351)

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Alma Linux: CVE-2024-4418: Low: virt:rhel and virt-devel:rhel security and bug fix update (ALSA-2024-4351)

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
05/08/2024
Created
07/10/2024
Added
07/09/2024
Modified
07/09/2024

Description

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it.

Solution(s)

  • alma-upgrade-SLOF
  • alma-upgrade-hivex
  • alma-upgrade-hivex-devel
  • alma-upgrade-libguestfs
  • alma-upgrade-libguestfs-appliance
  • alma-upgrade-libguestfs-bash-completion
  • alma-upgrade-libguestfs-devel
  • alma-upgrade-libguestfs-gfs2
  • alma-upgrade-libguestfs-gobject
  • alma-upgrade-libguestfs-gobject-devel
  • alma-upgrade-libguestfs-inspect-icons
  • alma-upgrade-libguestfs-java
  • alma-upgrade-libguestfs-java-devel
  • alma-upgrade-libguestfs-javadoc
  • alma-upgrade-libguestfs-man-pages-ja
  • alma-upgrade-libguestfs-man-pages-uk
  • alma-upgrade-libguestfs-rescue
  • alma-upgrade-libguestfs-rsync
  • alma-upgrade-libguestfs-tools
  • alma-upgrade-libguestfs-tools-c
  • alma-upgrade-libguestfs-winsupport
  • alma-upgrade-libguestfs-xfs
  • alma-upgrade-libiscsi
  • alma-upgrade-libiscsi-devel
  • alma-upgrade-libiscsi-utils
  • alma-upgrade-libnbd
  • alma-upgrade-libnbd-bash-completion
  • alma-upgrade-libnbd-devel
  • alma-upgrade-libtpms
  • alma-upgrade-libtpms-devel
  • alma-upgrade-libvirt
  • alma-upgrade-libvirt-client
  • alma-upgrade-libvirt-daemon
  • alma-upgrade-libvirt-daemon-config-network
  • alma-upgrade-libvirt-daemon-config-nwfilter
  • alma-upgrade-libvirt-daemon-driver-interface
  • alma-upgrade-libvirt-daemon-driver-network
  • alma-upgrade-libvirt-daemon-driver-nodedev
  • alma-upgrade-libvirt-daemon-driver-nwfilter
  • alma-upgrade-libvirt-daemon-driver-qemu
  • alma-upgrade-libvirt-daemon-driver-secret
  • alma-upgrade-libvirt-daemon-driver-storage
  • alma-upgrade-libvirt-daemon-driver-storage-core
  • alma-upgrade-libvirt-daemon-driver-storage-disk
  • alma-upgrade-libvirt-daemon-driver-storage-gluster
  • alma-upgrade-libvirt-daemon-driver-storage-iscsi
  • alma-upgrade-libvirt-daemon-driver-storage-iscsi-direct
  • alma-upgrade-libvirt-daemon-driver-storage-logical
  • alma-upgrade-libvirt-daemon-driver-storage-mpath
  • alma-upgrade-libvirt-daemon-driver-storage-rbd
  • alma-upgrade-libvirt-daemon-driver-storage-scsi
  • alma-upgrade-libvirt-daemon-kvm
  • alma-upgrade-libvirt-dbus
  • alma-upgrade-libvirt-devel
  • alma-upgrade-libvirt-docs
  • alma-upgrade-libvirt-libs
  • alma-upgrade-libvirt-lock-sanlock
  • alma-upgrade-libvirt-nss
  • alma-upgrade-libvirt-wireshark
  • alma-upgrade-lua-guestfs
  • alma-upgrade-nbdfuse
  • alma-upgrade-nbdkit
  • alma-upgrade-nbdkit-bash-completion
  • alma-upgrade-nbdkit-basic-filters
  • alma-upgrade-nbdkit-basic-plugins
  • alma-upgrade-nbdkit-curl-plugin
  • alma-upgrade-nbdkit-devel
  • alma-upgrade-nbdkit-example-plugins
  • alma-upgrade-nbdkit-gzip-filter
  • alma-upgrade-nbdkit-gzip-plugin
  • alma-upgrade-nbdkit-linuxdisk-plugin
  • alma-upgrade-nbdkit-nbd-plugin
  • alma-upgrade-nbdkit-python-plugin
  • alma-upgrade-nbdkit-server
  • alma-upgrade-nbdkit-ssh-plugin
  • alma-upgrade-nbdkit-tar-filter
  • alma-upgrade-nbdkit-tar-plugin
  • alma-upgrade-nbdkit-tmpdisk-plugin
  • alma-upgrade-nbdkit-vddk-plugin
  • alma-upgrade-nbdkit-xz-filter
  • alma-upgrade-netcf
  • alma-upgrade-netcf-devel
  • alma-upgrade-netcf-libs
  • alma-upgrade-ocaml-hivex
  • alma-upgrade-ocaml-hivex-devel
  • alma-upgrade-ocaml-libguestfs
  • alma-upgrade-ocaml-libguestfs-devel
  • alma-upgrade-ocaml-libnbd
  • alma-upgrade-ocaml-libnbd-devel
  • alma-upgrade-perl-Sys-Guestfs
  • alma-upgrade-perl-Sys-Virt
  • alma-upgrade-perl-hivex
  • alma-upgrade-python3-hivex
  • alma-upgrade-python3-libguestfs
  • alma-upgrade-python3-libnbd
  • alma-upgrade-python3-libvirt
  • alma-upgrade-qemu-guest-agent
  • alma-upgrade-qemu-img
  • alma-upgrade-qemu-kvm
  • alma-upgrade-qemu-kvm-block-curl
  • alma-upgrade-qemu-kvm-block-gluster
  • alma-upgrade-qemu-kvm-block-iscsi
  • alma-upgrade-qemu-kvm-block-rbd
  • alma-upgrade-qemu-kvm-block-ssh
  • alma-upgrade-qemu-kvm-common
  • alma-upgrade-qemu-kvm-core
  • alma-upgrade-qemu-kvm-docs
  • alma-upgrade-qemu-kvm-hw-usbredir
  • alma-upgrade-qemu-kvm-tests
  • alma-upgrade-qemu-kvm-ui-opengl
  • alma-upgrade-qemu-kvm-ui-spice
  • alma-upgrade-ruby-hivex
  • alma-upgrade-ruby-libguestfs
  • alma-upgrade-seabios
  • alma-upgrade-seabios-bin
  • alma-upgrade-seavgabios-bin
  • alma-upgrade-sgabios
  • alma-upgrade-sgabios-bin
  • alma-upgrade-supermin
  • alma-upgrade-supermin-devel
  • alma-upgrade-swtpm
  • alma-upgrade-swtpm-devel
  • alma-upgrade-swtpm-libs
  • alma-upgrade-swtpm-tools
  • alma-upgrade-swtpm-tools-pkcs11
  • alma-upgrade-virt-dib
  • alma-upgrade-virt-v2v
  • alma-upgrade-virt-v2v-bash-completion
  • alma-upgrade-virt-v2v-man-pages-ja
  • alma-upgrade-virt-v2v-man-pages-uk

References

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;