Computer Security
[EN] securityvulns.ru no-pyccku


libvirt security vulnerabilities
Published:29.01.2014
Source:
SecurityVulns ID:13539
Type:library
Threat Level:
5/10
Description:Few DoS conditions.
CVE:CVE-2014-1447 (Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.)
 CVE-2013-6458 (Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 2846-1] libvirt security update (29.01.2014)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod