CVE-2024-44082 — Vulnetix

CVE-2024-44082 PUBLISHED

Es existiert eine Schwachstelle in Red Hat OpenStack Ironic. Dieser Fehler ermöglicht es, ein speziell präpariertes Image zu verwenden, um unerwünschte Verhaltensweisen in qemu-img auszunutzen, Sicherheitsvorkehrungen zu umgehen und Informationen offenzulegen.

EPSS 0.27% · 51.0th percentile

Risk Scores

EPSS Score

0.27%

51.0th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Enterprise Linux
Red Hat	Red Hat OpenStack Platform <17.1.4

Exploit Intelligence

https://bugs.launchpad.net/ironic/+bug/2071740 (circl)
https://www.openwall.com/lists/oss-security/2024/09/04/4 (circl)
https://security.openstack.org/ossa/OSSA-2024-003.html (circl)

Timeline

Sep 6, 2024 CVE Published
Sep 6, 2024 EPSS Score
Sep 26, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 16, 2024 EPSS Score
Nov 5, 2024 EPSS Score
Nov 6, 2024 CVE Updated
Nov 7, 2024 Coalition ESS Score
Nov 25, 2024 EPSS Score
Dec 16, 2024 EPSS Score
Jan 5, 2025 EPSS Score
Jan 25, 2025 EPSS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3522.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3522 advisory
https://access.redhat.com/errata/RHSA-2024:9977 advisory
https://access.redhat.com/errata/RHSA-2024:9982 advisory
https://access.redhat.com/errata/RHSA-2025:0204 advisory

Open in Interactive Console →