RHSA-2024:9136
Advisory lineage Upstream: 3 Downstream: 0
Published: 15 Nov 2024, 18:46
Last modified:18 Mar 2026, 11:36
Vulnerability Summary
Overall Risk (default)
medium
33/100 CVSS Score
8.2 HIGH
3.1 (osv_red_hat)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
15 Nov 2024, 18:46
Published
Vulnerability first disclosed
18 Mar 2026, 11:36
Last Modified
Vulnerability information updated
Description
Red Hat Security Advisory: qemu-kvm security update
CVSS Metrics
- v3.1•HIGH•Score: 8.2CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Affected Systems
- redhat•qemu-guest-agent
< 17:9.0.0-10.el9_5
- redhat•qemu-guest-agent-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-img
< 17:9.0.0-10.el9_5
- redhat•qemu-img-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-audio-dbus-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-audio-pa
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-audio-pa-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-block-blkio
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-block-blkio-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-block-curl
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-block-curl-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-block-rbd
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-block-rbd-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-common
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-common-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-core
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-core-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-debugsource
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-gpu
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-gpu-ccw
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-gpu-ccw-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-gpu-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-gpu-pci
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-gpu-pci-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-vga
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-display-virtio-vga-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-usb-host
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-usb-host-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-usb-redirect
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-device-usb-redirect-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-docs
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-tests-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-tools
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-tools-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-ui-dbus-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-ui-egl-headless
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-ui-egl-headless-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-ui-opengl
< 17:9.0.0-10.el9_5
- redhat•qemu-kvm-ui-opengl-debuginfo
< 17:9.0.0-10.el9_5
- redhat•qemu-pr-helper
< 17:9.0.0-10.el9_5
- redhat•qemu-pr-helper-debuginfo
< 17:9.0.0-10.el9_5
References (35)
- https://access.redhat.com/errata/RHSA-2024:9136
- https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/9.5_release_notes/index
- https://access.redhat.com/security/updates/classification/#moderate
- https://bugzilla.redhat.com/show_bug.cgi?id=2264844
- https://bugzilla.redhat.com/show_bug.cgi?id=2274211
- https://bugzilla.redhat.com/show_bug.cgi?id=2302487
- https://issues.redhat.com/browse/RHEL-17719
- https://issues.redhat.com/browse/RHEL-21695
- https://issues.redhat.com/browse/RHEL-24024
- https://issues.redhat.com/browse/RHEL-28073
- https://issues.redhat.com/browse/RHEL-28686
- https://issues.redhat.com/browse/RHEL-28813
- https://issues.redhat.com/browse/RHEL-30362
- https://issues.redhat.com/browse/RHEL-33440
- https://issues.redhat.com/browse/RHEL-33889
- https://issues.redhat.com/browse/RHEL-34618
- https://issues.redhat.com/browse/RHEL-34621
- https://issues.redhat.com/browse/RHEL-34945
- https://issues.redhat.com/browse/RHEL-36159
- https://issues.redhat.com/browse/RHEL-38697
- https://issues.redhat.com/browse/RHEL-40708
- https://issues.redhat.com/browse/RHEL-42411
- https://issues.redhat.com/browse/RHEL-50000
- https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_9136.json
- https://access.redhat.com/security/cve/CVE-2024-3446
- https://www.cve.org/CVERecord?id=CVE-2024-3446
- https://nvd.nist.gov/vuln/detail/CVE-2024-3446
- https://patchew.org/QEMU/20240409105537.18308-1-philmd@linaro.org/
- https://access.redhat.com/security/cve/CVE-2024-7409
- https://www.cve.org/CVERecord?id=CVE-2024-7409
- https://nvd.nist.gov/vuln/detail/CVE-2024-7409
- https://access.redhat.com/security/cve/CVE-2024-26327
- https://www.cve.org/CVERecord?id=CVE-2024-26327
- https://nvd.nist.gov/vuln/detail/CVE-2024-26327
- https://lore.kernel.org/all/20240214-reuse-v4-5-89ad093a07f4@daynix.com/