Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2024-4418
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Libvirt: stack use-after-free in virnetclientioeventloop()
Source: NVD (National Vulnerability Database)
Vulnerability Description
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
返回栈上的变量地址
Source: NVD (National Vulnerability Database)
Vulnerability Title
Red Hat libvirt 资源管理错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Red Hat libvirt是美国红帽(Red Hat)公司的一个用于实现Linux虚拟化功能的Linux API,它支持各种Hypervisor,包括Xen和KVM,以及QEMU和用于其他操作系统的一些虚拟产品。 Red Hat libvirt 6.2.0版本存在资源管理错误漏洞,该漏洞源于存在堆栈释放后重用,允许本地非特权用户无需身份验证即可访问virtproxyd。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
Red HatRed Hat Enterprise Linux 8 8100020240606142719.489197e6 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 8 8100020240606142719.489197e6 ~ * cpe:/a:redhat:enterprise_linux:8::appstream
Red HatRed Hat Enterprise Linux 9 0:10.0.0-6.6.el9_4 ~ * cpe:/a:redhat:enterprise_linux:9::crb
Red HatRed Hat Enterprise Linux 9.2 Extended Update Support 0:9.0.0-10.7.el9_2 ~ * cpe:/a:redhat:rhel_eus:9.2::appstream
Red HatRed Hat Enterprise Linux 6-cpe:/o:redhat:enterprise_linux:6
Red HatRed Hat Enterprise Linux 7-cpe:/o:redhat:enterprise_linux:7
Red HatRed Hat Enterprise Linux 8 Advanced Virtualization-cpe:/a:redhat:advanced_virtualization:8::el8
II. Public POCs for CVE-2024-4418
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2024-4418
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same weakness: CWE-562
V. Comments for CVE-2024-4418

No comments yet

Leave a comment