Updated: 2025-04-10 01:34:30.450679
Description:
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
| Links | NIST | CIRCL | RHEL | Ubuntu |
| Severity | Score | |
|---|---|---|
| CVSS Version 2.x | 0 | |
| CVSS Version 3.x | MEDIUM | 5.5 |
| OS name | Project name | Version | Score | Severity | Status | Errata | Last updated | Statement |
|---|---|---|---|---|---|---|---|---|
| AlmaLinux 9.2 ESU | libvirt | 9.0.0 | 5.5 | MEDIUM | Released | CLSA-2025:1739386692 | 2025-02-13 01:19:51 | |
| CentOS 6 ELS | libvirt | 0.10.2 | 5.5 | MEDIUM | Ignored | 2024-05-10 14:18:43 | ||
| CentOS 7 ELS | libvirt | 4.5.0 | 5.5 | MEDIUM | Released | CLSA-2025:1745585902 | 2025-05-09 04:22:21 | |
| CentOS 8.4 ELS | libvirt | 6.0.0-35.1 | 5.5 | MEDIUM | Ignored | 2024-05-10 17:19:11 | ||
| CentOS 8.5 ELS | libvirt | 6.0.0-37 | 5.5 | MEDIUM | Ignored | 2024-05-10 17:19:11 | ||
| CentOS Stream 8 ELS | libvirt | 8.0.0 | 5.5 | MEDIUM | Ignored | 2024-05-10 14:18:43 | ||
| CloudLinux 6 ELS | libvirt | 0.10.2 | 5.5 | MEDIUM | Ignored | 2024-05-10 14:18:43 | ||
| CloudLinux 7 ELS | libvirt | 4.5.0 | 5.5 | MEDIUM | Released | CLSA-2025:1745533910 | 2025-05-07 04:16:42 | |
| Oracle Linux 6 ELS | libvirt | 0.10.2 | 5.5 | MEDIUM | Ignored | 2024-05-10 14:18:43 | ||
| Oracle Linux 7 ELS | libvirt | 4.5.0 | 5.5 | MEDIUM | Released | CLSA-2025:1745530850 | 2025-04-26 03:57:24 |