CVE-2020-10703

Опубликовано: 02 июн. 2020

Источник: ubuntu

Приоритет: low

EPSS Низкий

CVSS2: 4

CVSS3: 6.5

Описание

A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.

Релиз	Статус	Примечание
bionic	released	4.0.0-1ubuntu8.17
devel	not-affected	6.0.0-0ubuntu6
eoan	released	5.4.0-0ubuntu5.4
esm-infra-legacy/trusty	not-affected	code not present
esm-infra/bionic	released	4.0.0-1ubuntu8.17
esm-infra/focal	not-affected	6.0.0-0ubuntu6
esm-infra/xenial	not-affected	code not present
focal	not-affected	6.0.0-0ubuntu6
precise/esm	not-affected	code not present
trusty	ignored	end of standard support

Показывать по

Ссылки на источники

EPSS

Процентиль: 75%

0.00899

Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

Связанные уязвимости

CVE-2020-10703

CVSS3: 6.5

redhat

почти 6 лет назад

CVE-2020-10703

CVSS3: 6.5

nvd

больше 5 лет назад

CVE-2020-10703

CVSS3: 6.5

debian

больше 5 лет назад

A NULL pointer dereference was found in the libvirt API responsible in ...

SUSE-SU-2020:1289-1

suse-cvrf

больше 5 лет назад

Security update for libvirt

SUSE-SU-2020:1250-1

suse-cvrf

больше 5 лет назад

Security update for libvirt

EPSS

Процентиль: 75%

0.00899

Низкий

4 Medium

CVSS2

6.5 Medium

CVSS3

CVE-2020-10703

Описание

Пакет libvirt

Ссылки на источники

Связанные уязвимости