Computer Security
[EN] no-pyccku

libvirt memory corruption
SecurityVulns ID:13304
Threat Level:
Description:Memory corruption in remoteDispatchDomainMemoryStats()
Affected:LIBVIRT : libvirt 1.1
CVE:CVE-2013-4311 (libvirt 1.0.5.x before, 0.10.2.x before, and 0.9.12.x before allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288.)
 CVE-2013-4296 (The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before, 1.0.x before, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2764-1] libvirt security update (02.10.2013)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod