Security Advisory

CVE-2024-4467

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-07-02 15:57:23

Last updated 2026-02-25 20:31:18

Assigner redhat

State PUBLISHED

Description

A flaw was found in the QEMU disk image utility (qemu-img) info command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file.

← Browse all CVEs View on cve.org ↗