CVE-2024-4467: Qemu-kvm: 'qemu-img info' leads to host file read/write
Description
A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.
Classification
CVE ID: CVE-2024-4467
CVSS Base Severity: HIGH
CVSS Base Score: 7.8
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Problem Types
Uncontrolled Resource ConsumptionAffected Products
Vendor: , Red Hat
Product: , Advanced Virtualization for RHEL 8.2.1, Advanced Virtualization for RHEL 8.4.0.EUS, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.6 Telecommunications Update Service, Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions, Red Hat Enterprise Linux 8.8 Extended Update Support, Red Hat Enterprise Linux 9, Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions, Red Hat Enterprise Linux 9.2 Extended Update Support, Red Hat Enterprise Linux 10, Red Hat Enterprise Linux 6, Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8 Advanced Virtualization, Red Hat OpenShift Virtualization 4
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.07% (probability of being exploited)
EPSS Percentile: 21.79% (scored less or equal to compared to others)
EPSS Date: 2025-06-15 (when was this score calculated)
Stakeholder-Specific Vulnerability Categorization (SSVC)
SSVC Exploitation: none
SSVC Technical Impact: total
SSVC Automatable: false
References
https://nvd.nist.gov/vuln/detail/CVE-2024-4467https://access.redhat.com/errata/RHSA-2024:4276
https://access.redhat.com/errata/RHSA-2024:4277
https://access.redhat.com/errata/RHSA-2024:4278
https://access.redhat.com/errata/RHSA-2024:4372
https://access.redhat.com/errata/RHSA-2024:4373
https://access.redhat.com/errata/RHSA-2024:4374
https://access.redhat.com/errata/RHSA-2024:4420
https://access.redhat.com/errata/RHSA-2024:4724
https://access.redhat.com/errata/RHSA-2024:4727
https://access.redhat.com/security/cve/CVE-2024-4467
https://bugzilla.redhat.com/show_bug.cgi?id=2278875