openSUSE Local Security Checks : openSUSE Security Advisory (SUSE-SU-2024:1099-1)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.18.2.2024.1099.1

Categoría: openSUSE Local Security Checks

Título: openSUSE Security Advisory (SUSE-SU-2024:1099-1)

Resumen: The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2024:1099-1 advisory.

Descripción: Summary:
The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2024:1099-1 advisory.

Vulnerability Insight:
This update for libvirt fixes the following issues:

- CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815)
- CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces() (bsc#1221468).
- CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus (bsc#1221237)
- qemu: domain: Fix logic when tainting domain (bsc#1220512)
- conf: Remove some firmware validation checks (bsc#1216980)
- libxl: Fix connection to modular network daemon (bsc#1214223)

Affected Software/OS:
'libvirt' package(s) on openSUSE Leap 15.5.

Solution:
Please install the updated package(s).

CVSS Score:
4.9

CVSS Vector:
AV:L/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2024-1441
RHBZ#2263841
https://bugzilla.redhat.com/show_bug.cgi?id=2263841
RHSA-2024:2560
https://access.redhat.com/errata/RHSA-2024:2560
https://access.redhat.com/security/cve/CVE-2024-1441
https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45FFKU3LODT345LAB5T4XZA5WKYMXJYU/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/
Common Vulnerability Exposure (CVE) ID: CVE-2024-2494
RHBZ#2270115
https://bugzilla.redhat.com/show_bug.cgi?id=2270115
RHSA-2024:3253
https://access.redhat.com/errata/RHSA-2024:3253
https://access.redhat.com/security/cve/CVE-2024-2494
https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/
Common Vulnerability Exposure (CVE) ID: CVE-2024-2496
RHBZ#2269672
https://bugzilla.redhat.com/show_bug.cgi?id=2269672
RHSA-2024:2236
https://access.redhat.com/errata/RHSA-2024:2236
https://access.redhat.com/security/cve/CVE-2024-2496

Copyright Copyright (C) 2025 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.18.2.2024.1099.1
Categoría:	openSUSE Local Security Checks
Título:	openSUSE Security Advisory (SUSE-SU-2024:1099-1)
Resumen:	The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2024:1099-1 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the SUSE-SU-2024:1099-1 advisory. Vulnerability Insight: This update for libvirt fixes the following issues: - CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815) - CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces() (bsc#1221468). - CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus (bsc#1221237) - qemu: domain: Fix logic when tainting domain (bsc#1220512) - conf: Remove some firmware validation checks (bsc#1216980) - libxl: Fix connection to modular network daemon (bsc#1214223) Affected Software/OS: 'libvirt' package(s) on openSUSE Leap 15.5. Solution: Please install the updated package(s). CVSS Score: 4.9 CVSS Vector: AV:L/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-1441 RHBZ#2263841 https://bugzilla.redhat.com/show_bug.cgi?id=2263841 RHSA-2024:2560 https://access.redhat.com/errata/RHSA-2024:2560 https://access.redhat.com/security/cve/CVE-2024-1441 https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45FFKU3LODT345LAB5T4XZA5WKYMXJYU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/ Common Vulnerability Exposure (CVE) ID: CVE-2024-2494 RHBZ#2270115 https://bugzilla.redhat.com/show_bug.cgi?id=2270115 RHSA-2024:3253 https://access.redhat.com/errata/RHSA-2024:3253 https://access.redhat.com/security/cve/CVE-2024-2494 https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/thread/BKRQXPLPC6B7FLHJXSBQYW7HNDEBW6RJ/ Common Vulnerability Exposure (CVE) ID: CVE-2024-2496 RHBZ#2269672 https://bugzilla.redhat.com/show_bug.cgi?id=2269672 RHSA-2024:2236 https://access.redhat.com/errata/RHSA-2024:2236 https://access.redhat.com/security/cve/CVE-2024-2496
Copyright	Copyright (C) 2025 Greenbone AG