{"id":"MGASA-2024-0114","summary":"Updated libvirt packages fix security vulnerability","details":"A flaw was found in the RPC library APIs of libvirt. The RPC server\ndeserialization code allocates memory for arrays before the non-negative\nlength check is performed by the C API entry points. Passing a negative\nlength to the g_new0 function results in a crash due to the negative\nlength being treated as a huge positive number. This flaw allows a\nlocal, unprivileged user to perform a denial of service attack by\ncausing the libvirt daemon to crash. (CVE-2024-2494)\n","modified":"2026-04-16T00:10:13.212633430Z","published":"2024-04-06T22:16:44Z","upstream":["CVE-2024-2494"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0114.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33047"},{"type":"WEB","url":"https://lwn.net/Articles/967956/"}],"affected":[{"package":{"name":"libvirt","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/libvirt?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"9.6.0-1.1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0114.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}