CVE-2024-41184 is a security vulnerability in Keepalived, an open-source daemon used for VRRP-based high-availability and health checks. The flaw is an integer overflow in the VRRP ipset parsing code that can be triggered by an empty ipset name in configuration, potentially leading to undefined reads or crashes. The issue was patched upstream by adding strict validation so that malformed or empty ipset names cause a configuration error rather than unsafe memory arithmetic. This tag covers discussions about the vulnerability, its impact, and the patch guide for addressing the empty ipset name bug in Keepalived.
Keepalived contains an integer-overflow bug in the VRRP ipset parsing code that was tracked as CVE-2024-41184; the flaw can be triggered by an empty ipset name in configuration, can produce undefined reads or crashes, and was patched upstream by adding strict validation so malformed or empty...