CVE-2013-4154

2013-09-30T21:55:00
ID CVE-2013-4154
Type cve
Reporter cve@mitre.org
Modified 2013-10-11T15:18:00

Description

The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command. Per: http://cwe.mitre.org/data/definitions/476.html

'CWE-476: NULL Pointer Dereference'