Gentoo update for libvirt



Risk Medium
Patch available YES
Number of vulnerabilities 3
CVE-ID CVE-2023-2700
CVE-2023-3750
CVE-2024-2494
CWE-ID CWE-401
CWE-362
CWE-789
Exploitation vector Local network
Public exploit N/A
Vulnerable software
Gentoo Linux
Operating systems & Components / Operating system

app-emulation/libvirt
Operating systems & Components / Operating system package or component

Vendor Gentoo

Security Bulletin

This security bulletin contains information about 3 vulnerabilities.

1) Memory leak

EUVDB-ID: #VU76721

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2023-2700

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform DoS attack on the target system.

The vulnerability exists due memory leak within the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. A local user can repeatedly query an SR-IOV PCI device's capabilities to cause memory leak and perform denial of service attack.

Mitigation

Update the affected packages.
app-emulation/libvirt to version: 10.2.0

Vulnerable software versions

Gentoo Linux: All versions

app-emulation/libvirt: before 10.2.0

CPE2.3 External links

https://security.gentoo.org/glsa/202412-16


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Race condition

EUVDB-ID: #VU78694

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2023-3750

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the virStoragePoolObjListSearch() function. which does not return a locked pool as expected. A remote attacker with ability to connect to the read-only socket can crash the libvirt daemon.

Mitigation

Update the affected packages.
app-emulation/libvirt to version: 10.2.0

Vulnerable software versions

Gentoo Linux: All versions

app-emulation/libvirt: before 10.2.0

CPE2.3 External links

https://security.gentoo.org/glsa/202412-16


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Uncontrolled Memory Allocation

EUVDB-ID: #VU87970

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2024-2494

CWE-ID: CWE-789 - Uncontrolled Memory Allocation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to uncontrolled memory allocation within the g_new0() function. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected packages.
app-emulation/libvirt to version: 10.2.0

Vulnerable software versions

Gentoo Linux: All versions

app-emulation/libvirt: before 10.2.0

CPE2.3 External links

https://security.gentoo.org/glsa/202412-16


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###