Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog
Консоль
Π›ΠΎΠ³ΠΎΡ‚ΠΈΠΏ exploitDog

exploitDog

ubuntu Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-10703

ΠžΠΏΡƒΠ±Π»ΠΈΠΊΠΎΠ²Π°Π½ΠΎ: 02 июн. 2020
Π˜ΡΡ‚ΠΎΡ‡Π½ΠΈΠΊ: ubuntu
ΠŸΡ€ΠΈΠΎΡ€ΠΈΡ‚Π΅Ρ‚: low
EPSS Низкий
CVSS2: 4
CVSS3: 6.5

ОписаниС

A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.

Π Π΅Π»ΠΈΠ·Π‘Ρ‚Π°Ρ‚ΡƒΡΠŸΡ€ΠΈΠΌΠ΅Ρ‡Π°Π½ΠΈΠ΅
bionic

released

4.0.0-1ubuntu8.17
devel

not-affected

6.0.0-0ubuntu6
eoan

released

5.4.0-0ubuntu5.4
esm-infra-legacy/trusty

not-affected

code not present
esm-infra/bionic

released

4.0.0-1ubuntu8.17
esm-infra/focal

not-affected

6.0.0-0ubuntu6
esm-infra/xenial

not-affected

code not present
focal

not-affected

6.0.0-0ubuntu6
precise/esm

not-affected

code not present
trusty

ignored

end of standard support

ΠŸΠΎΠΊΠ°Π·Ρ‹Π²Π°Ρ‚ΡŒ ΠΏΠΎ

Бсылки Π½Π° источники

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 72%
0.00689
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

БвязанныС уязвимости

redhat Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-10703

CVSS3: 6.5
redhat
ΠΎΠΊΠΎΠ»ΠΎ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.

nvd Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-10703

CVSS3: 6.5
nvd
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.

debian Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

CVE-2020-10703

CVSS3: 6.5
debian
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

A NULL pointer dereference was found in the libvirt API responsible in ...

suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2020:1289-1

suse-cvrf
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for libvirt

suse-cvrf Π»ΠΎΠ³ΠΎΡ‚ΠΈΠΏ

SUSE-SU-2020:1250-1

suse-cvrf
ΠΏΠΎΡ‡Ρ‚ΠΈ 6 Π»Π΅Ρ‚ Π½Π°Π·Π°Π΄

Security update for libvirt

EPSS

ΠŸΡ€ΠΎΡ†Π΅Π½Ρ‚ΠΈΠ»ΡŒ: 72%
0.00689
Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡ‚ΡŒ CVE-2020-10703