Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2013-6458

Опубликовано: 13 дек. 2013
Источник: redhat
CVSS2: 6.8
EPSS Низкий

Описание

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

Отчет

Red Hat Enterprise Linux 5 is now in Production 3 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5libvirtWill not fix
Red Hat Enterprise Linux 7libvirtNot affected
Red Hat Storage 2.0libvirtWill not fix
Red Hat Storage 2.1libvirtWill not fix
Red Hat Enterprise Linux 6libvirtFixedRHSA-2014:010328.01.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1048631qemu: job usage issue in several APIs leading to libvirtd crash

EPSS

Процентиль: 73%
0.00779
Низкий

6.8 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2013-6458

ubuntu
больше 11 лет назад

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

nvd логотип

CVE-2013-6458

nvd
больше 11 лет назад

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

debian логотип

CVE-2013-6458

debian
больше 11 лет назад

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomain ...

github логотип

GHSA-9hqh-qqff-45p6

github
больше 3 лет назад

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

oracle-oval логотип

ELSA-2014-0103

oracle-oval
больше 11 лет назад

ELSA-2014-0103: libvirt security and bug fix update (MODERATE)

EPSS

Процентиль: 73%
0.00779
Низкий

6.8 Medium

CVSS2