GHSA-vjhf-6xfr-5p9g

Source
https://github.com/advisories/GHSA-vjhf-6xfr-5p9g
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/04/GHSA-vjhf-6xfr-5p9g/GHSA-vjhf-6xfr-5p9g.json
Aliases
  • CVE-2024-31420
Published
2024-04-03T15:30:42Z
Modified
2024-04-03T18:46:15Z
Details

A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine.

References

Affected packages

Go / kubevirt.io/kubevirt

Package

Affected ranges

Type
SEMVER
Events
Introduced
0The exact introduced commit is unknown
Last affected
1.2.0