{"id":"ALSA-2024:2560","summary":"Moderate: libvirt security and bug fix update","details":"The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.\n\nSecurity Fixes:\n\n* libvirt: off-by-one error in udevListInterfacesByStatus() (CVE-2024-1441)\n* libvirt: negative g_new0 length can lead to unbounded memory allocation (CVE-2024-2494)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fixes:\n\n* libvirt: off-by-one error in udevListInterfacesByStatus() [almalinux-9] (JIRA:AlmaLinux-25081)\n* libvirt: negative g_new0 length can lead to unbounded memory allocation [almalinux-9] (JIRA:AlmaLinux-29515)","modified":"2026-02-04T02:38:23.329108Z","published":"2024-04-30T00:00:00Z","related":["CVE-2024-1441","CVE-2024-2494"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2024:2560"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-1441"},{"type":"REPORT","url":"https://access.redhat.com/security/cve/CVE-2024-2494"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2263841"},{"type":"REPORT","url":"https://bugzilla.redhat.com/2270115"},{"type":"ADVISORY","url":"https://errata.almalinux.org/9/ALSA-2024-2560.html"}],"affected":[{"package":{"name":"libvirt","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-client","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-client"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-client-qemu","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-client-qemu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-common","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-common"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-config-network","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-config-network"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-config-nwfilter","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-config-nwfilter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-interface","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-interface"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-network","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-network"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-nodedev","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-nodedev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-nwfilter","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-nwfilter"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-qemu","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-qemu"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-secret","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-secret"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-core","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-core"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-disk","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-disk"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-iscsi","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-logical","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-logical"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-mpath","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-mpath"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-rbd","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-rbd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-driver-storage-scsi","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-driver-storage-scsi"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-kvm","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-kvm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-lock","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-lock"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-log","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-log"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-plugin-lockd","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-plugin-lockd"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-plugin-sanlock","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-plugin-sanlock"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-daemon-proxy","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-daemon-proxy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-devel","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-docs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-docs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-libs","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-libs"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}},{"package":{"name":"libvirt-nss","ecosystem":"AlmaLinux:9","purl":"pkg:rpm/almalinux/libvirt-nss"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"10.0.0-6.2.el9_4.alma.1"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:2560.json"}}],"schema_version":"1.7.3"}