Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-3633

Опубликовано: 17 сент. 2014
Источник: redhat
CVSS2: 3.2
EPSS Низкий

Описание

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.

An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process.

Отчет

This issue does not affect the versions of libvirt packages as shipped with Red Hat Enterprise Linux 5. This issue does affect the versions of libvirt packages as shipped with Red Hat Enterprise Linux 6 and 7. Future updates may address this issue in the respective Red Hat Enterprise Linux releases.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5libvirtNot affected
Red Hat Storage 2.1libvirtUnder investigation
Red Hat Enterprise Linux 6libvirtFixedRHSA-2014:187318.11.2014
Red Hat Enterprise Linux 7libvirtFixedRHSA-2014:135201.10.2014

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1141131libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index

EPSS

Процентиль: 87%
0.03629
Низкий

3.2 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-3633

ubuntu
почти 11 лет назад

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.

nvd логотип

CVE-2014-3633

nvd
почти 11 лет назад

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.

debian логотип

CVE-2014-3633

debian
почти 11 лет назад

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt ...

github логотип

GHSA-gq49-7wvq-p22q

github
больше 3 лет назад

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.

oracle-oval логотип

ELSA-2014-1352

oracle-oval
почти 11 лет назад

ELSA-2014-1352: libvirt security and bug fix update (MODERATE)

EPSS

Процентиль: 87%
0.03629
Низкий

3.2 Low

CVSS2