ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0114
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0114)
Resumen:	The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2024-0114 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2024-0114 advisory. Vulnerability Insight: A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash. (CVE-2024-2494) Affected Software/OS: 'libvirt' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-2494 RHBZ#2270115 https://bugzilla.redhat.com/show_bug.cgi?id=2270115 RHSA-2024:2560 https://access.redhat.com/errata/RHSA-2024:2560 RHSA-2024:3253 https://access.redhat.com/errata/RHSA-2024:3253 https://access.redhat.com/security/cve/CVE-2024-2494 https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.