CVE-2024-7409
Qemu: denial of service via improper synchronization in qemu nbd server during socket closure
A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Productos afectados
qemuRed Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8 Advanced VirtualizationRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.2 Extended Update SupportRed Hat · Red Hat Enterprise Linux 9.4 Extended Update SupportRed Hat · Red Hat OpenShift Container Platform 4.13Red Hat · Red Hat OpenShift Container Platform 4.14Red Hat · Red Hat OpenShift Container Platform 4.15Red Hat · Red Hat OpenShift Container Platform 4.16Red Hat · Red Hat OpenShift Container Platform 4.17¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
https://access.redhat.com/errata/RHSA-2024:10518https://access.redhat.com/errata/RHSA-2024:10528https://access.redhat.com/errata/RHSA-2024:10813https://access.redhat.com/errata/RHSA-2024:6811https://access.redhat.com/errata/RHSA-2024:6818https://access.redhat.com/errata/RHSA-2024:6964https://access.redhat.com/errata/RHSA-2024:7408https://access.redhat.com/errata/RHSA-2024:8991https://access.redhat.com/errata/RHSA-2024:9136https://access.redhat.com/errata/RHSA-2024:9620https://access.redhat.com/errata/RHSA-2024:9912https://access.redhat.com/security/cve/CVE-2024-7409