Описание
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
Отчет
Not vulnerable. This issue does not affect the versions of libvirt packages as shipped with Red Hat Enterprise Linux 5, 6 and 7.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | libvirt | Not affected | ||
| Red Hat Enterprise Linux 6 | libvirt | Not affected | ||
| Red Hat Enterprise Linux 7 | libvirt | Not affected | ||
| Red Hat Storage 2.1 | libvirt | Under investigation |
Показывать по
Дополнительная информация
Статус:
1.8 Low
CVSS2
Связанные уязвимости
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
The qemu implementation of virConnectGetAllDomainStats in libvirt befo ...
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
1.8 Low
CVSS2