Description

A NULL pointer dereference flaw was found in KubeVirt. This flaw allows an attacker who has access to a virtual machine guest on a node with DownwardMetrics enabled to cause a denial of service by issuing a high number of calls to vm-dump-metrics --virtio and then deleting the virtual machine.

INFO

Published Date :

2024-04-03T14:01:07.124Z

Last Modified :

2025-11-20T19:12:24.292Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2024-31420 vulnerability.

Vendors Products
Redhat
  • Container Native Virtualization

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact