CVE-2024-4467

Summary

A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a json:{} value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.

Affected Software

VendorProductVersion RangeStatus
4.0.0 < 9.1.0affected
Red HatAdvanced Virtualization for RHEL 8.2.18020120240708124623.863bb0db < *unaffected
Red HatAdvanced Virtualization for RHEL 8.4.0.EUS8040020240708093550.522a0ee4 < *unaffected
Red HatAdvanced Virtualization for RHEL 8.4.0.EUS8040020240708093550.522a0ee4 < *unaffected
Red HatRed Hat Enterprise Linux 88100020240704072441.489197e6 < *unaffected
Red HatRed Hat Enterprise Linux 88100020240704072441.489197e6 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support8040020240703100448.522a0ee4 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Telecommunications Update Service8040020240703100448.522a0ee4 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Update Services for SAP Solutions8040020240703100448.522a0ee4 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support8060020240703092415.ad008a3a < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Telecommunications Update Service8060020240703092415.ad008a3a < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Update Services for SAP Solutions8060020240703092415.ad008a3a < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Extended Update Support8080020240703085245.63b34585 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Extended Update Support8080020240703085245.63b34585 < *unaffected
Red HatRed Hat Enterprise Linux 917:8.2.0-11.el9_4.4 < *unaffected
Red HatRed Hat Enterprise Linux 9.0 Update Services for SAP Solutions17:6.2.0-11.el9_0.9 < *unaffected
Red HatRed Hat Enterprise Linux 9.2 Extended Update Support17:7.2.0-14.el9_2.11 < *unaffected

Weaknesses

  • CWE-787: Out-of-bounds Write

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

CVE Program Container

Additional References

References