CVE-2024-8235: 
NixOS vulnerability analysis and mitigation

A vulnerability (CVE-2024-8235) was discovered in libvirt, affecting versions 10.4.0 and higher prior to 10.7.0. The flaw was introduced during a refactor of the code fetching the list of interfaces for multiple APIs, which created a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer (NVD, Red Hat).

The vulnerability is classified as a NULL Pointer Dereference (CWE-476) with a CVSS v3.1 base score of 6.2 (Medium). The issue occurs when virConnectListInterfaces() is called requesting 0 networks to be filled, leading to a NULL-pointer dereference. This vulnerability only reproduces on platforms where allocation of 0-length memory returns NULL instead of a valid pointer (Red Hat, Bugzilla).

When successfully exploited, this vulnerability can lead to a crash of the virtinterfaced daemon. Clients connecting to the read-only socket can trigger this crash, resulting in a Denial of Service (DoS) condition (NetApp, NVD).

The issue has been addressed in libvirt version 10.5.0-7.el9_5 through Red Hat Enterprise Linux 9 security update RHSA-2024:9128. All versions of libvirt as shipped in Red Hat Enterprise Linux prior to RHEL-9.5 are unaffected by this CVE (Red Hat).