Описание
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.2.16-2ubuntu9 |
| esm-infra-legacy/trusty | not-affected | code not present |
| lucid | not-affected | code not present |
| precise | not-affected | code not present |
| trusty | not-affected | code not present |
| trusty/esm | not-affected | code not present |
| upstream | released | 1.2.11 |
| utopic | ignored | end of life |
| vivid | not-affected | 1.2.12-0ubuntu14.2 |
Показывать по
4 Medium
CVSS2
Связанные уязвимости
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
The qemu implementation of virConnectGetAllDomainStats in libvirt befo ...
The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.
4 Medium
CVSS2