๐Ÿ” CVE Alert

CVE-2024-7409

HIGH 7.5

Qemu: denial of service via improper synchronization in qemu nbd server during socket closure

CVSS Score
7.5
EPSS Score
0.0%
EPSS Percentile
0th

A flaw was found in the QEMU NBD Server. This vulnerability allows a denial of service (DoS) attack via improper synchronization during socket closure when a client keeps a socket open as the server is taken offline.

CWE CWE-662
Published Aug 5, 2024
Last Updated Mar 2, 2026
Stay Ahead of the Next One

Get instant alerts for

Be the first to know when new high vulnerabilities are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Versions

Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 8
All versions affected
Red Hat / Red Hat Enterprise Linux 9
All versions affected
Red Hat / Red Hat Enterprise Linux 9.2 Extended Update Support
All versions affected
Red Hat / Red Hat Enterprise Linux 9.4 Extended Update Support
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.13
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.13
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.14
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.15
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.15
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.16
All versions affected
Red Hat / Red Hat OpenShift Container Platform 4.17
All versions affected
Red Hat / Red Hat Enterprise Linux 10
All versions affected
Red Hat / Red Hat Enterprise Linux 6
All versions affected
Red Hat / Red Hat Enterprise Linux 7
All versions affected
Red Hat / Red Hat Enterprise Linux 7
All versions affected
Red Hat / Red Hat Enterprise Linux 8 Advanced Virtualization
All versions affected
Red Hat / Red Hat Enterprise Linux 8 Advanced Virtualization
All versions affected
Red Hat / Red Hat Enterprise Linux 8 Advanced Virtualization
All versions affected
Red Hat / Red Hat Enterprise Linux 8 Advanced Virtualization
All versions affected

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
access.redhat.com: https://access.redhat.com/errata/RHSA-2024:10518 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:10528 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:10813 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:6811 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:6818 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:6964 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:7408 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:8991 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:9136 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:9620 access.redhat.com: https://access.redhat.com/errata/RHSA-2024:9912 access.redhat.com: https://access.redhat.com/security/cve/CVE-2024-7409 bugzilla.redhat.com: https://bugzilla.redhat.com/show_bug.cgi?id=2302487 security.netapp.com: https://security.netapp.com/advisory/ntap-20250502-0008/ lists.debian.org: https://lists.debian.org/debian-lts-announce/2025/09/msg00011.html