CVE-2024-8235

CVSS 3.1 Score 6.2 of 10 (medium)

Details

Published Aug 30, 2024
CWE ID 476

Summary

CVE-2024-8235 is a vulnerability found in libvirt, affecting various products including wVSDec, Ucw8Hk, wVId92, and w4yxGb. The flaw arises from a corner case in the code that handles memory allocation, leading to a NULL-pointer dereference and causing the virtinterfaced daemon to crash when clients connect to its read-only socket. This issue has been rated with a base severity of medium (6.2) and could result in high availability impact, although it does not affect integrity or confidentiality. To remediate the vulnerability, users should apply patches provided by their software vendors as soon as they become available. Organizations should be aware that exploitation could disrupt service availability but would not require user interaction or elevated privileges.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share