libvirt Unprivileged DoS via Off-By-One in udevListInterfacesByStatus
CVE-2024-1441 Published on March 11, 2024
Libvirt: off-by-one error in udevlistinterfacesbystatus()
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
Vulnerability Analysis
CVE-2024-1441 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.
Timeline
Reported to Red Hat.
Made public. 18 days later.
Weakness Type
What is an off-by-five Vulnerability?
A product calculates or uses an incorrect maximum or minimum value that is 1 more, or 1 less, than the correct value.
CVE-2024-1441 has been classified to as an off-by-five vulnerability or weakness.
Products Associated with CVE-2024-1441
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2024-1441 are published in these products:
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.