Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2014-8135

Опубликовано: 17 дек. 2014
Источник: redhat
CVSS2: 2.1
EPSS Низкий

Описание

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

Отчет

This issue affects the versions of libvirt as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5libvirtUnder investigation
Red Hat Enterprise Linux 6libvirtUnder investigation
Red Hat Enterprise Linux 7libvirtNot affected
Red Hat Storage 2.1libvirtWill not fix
Red Hat Storage 3.0libvirtNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1176182libvirt: local denial of service in storage/storage_driver.c

EPSS

Процентиль: 37%
0.00158
Низкий

2.1 Low

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2014-8135

ubuntu
около 11 лет назад

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

nvd логотип

CVE-2014-8135

nvd
около 11 лет назад

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

debian логотип

CVE-2014-8135

debian
около 11 лет назад

The storageVolUpload function in storage/storage_driver.c in libvirt b ...

github логотип

GHSA-xjj7-h4hj-89mh

github
больше 3 лет назад

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

EPSS

Процентиль: 37%
0.00158
Низкий

2.1 Low

CVSS2