Lucene search
HistoryJan 24, 2014 - 6:55 p.m.
CVE-2014-1447
cve-2014-1447
race condition
virnetserverclientstartkeepalive
libvirt
denial of service
nvd
3.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
8 High
AI Score
Confidence
High
0.021 Low
EPSS
Percentile
89.1%
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.
Affected configurations
Node
redhatlibvirtRange≤1.2.0
ORredhatlibvirtMatch0.0.1
ORredhatlibvirtMatch0.0.2
ORredhatlibvirtMatch0.0.3
ORredhatlibvirtMatch0.0.4
ORredhatlibvirtMatch0.0.5
ORredhatlibvirtMatch0.0.6
ORredhatlibvirtMatch0.1.0
ORredhatlibvirtMatch0.1.1
ORredhatlibvirtMatch0.1.3
ORredhatlibvirtMatch0.1.4
ORredhatlibvirtMatch0.1.5
ORredhatlibvirtMatch0.1.6
ORredhatlibvirtMatch0.1.7
ORredhatlibvirtMatch0.1.8
ORredhatlibvirtMatch0.1.9
ORredhatlibvirtMatch0.2.0
ORredhatlibvirtMatch0.2.1
ORredhatlibvirtMatch0.2.2
ORredhatlibvirtMatch0.2.3
ORredhatlibvirtMatch0.3.0
ORredhatlibvirtMatch0.3.1
ORredhatlibvirtMatch0.3.2
ORredhatlibvirtMatch0.3.3
ORredhatlibvirtMatch0.4.0
ORredhatlibvirtMatch0.4.1
ORredhatlibvirtMatch0.4.2
ORredhatlibvirtMatch0.4.3
ORredhatlibvirtMatch0.4.4
ORredhatlibvirtMatch0.4.5
ORredhatlibvirtMatch0.4.6
ORredhatlibvirtMatch0.5.0
ORredhatlibvirtMatch0.5.1
ORredhatlibvirtMatch0.6.0
ORredhatlibvirtMatch0.6.1
ORredhatlibvirtMatch0.6.2
ORredhatlibvirtMatch0.6.3
ORredhatlibvirtMatch0.6.4
ORredhatlibvirtMatch0.6.5
ORredhatlibvirtMatch0.7.0
ORredhatlibvirtMatch0.7.1
ORredhatlibvirtMatch0.7.2
ORredhatlibvirtMatch0.7.3
ORredhatlibvirtMatch0.7.4
ORredhatlibvirtMatch0.7.5
ORredhatlibvirtMatch0.7.6
ORredhatlibvirtMatch0.7.7
ORredhatlibvirtMatch0.8.0
ORredhatlibvirtMatch0.8.1
ORredhatlibvirtMatch0.8.2
ORredhatlibvirtMatch0.8.3
ORredhatlibvirtMatch0.8.4
ORredhatlibvirtMatch0.8.5
ORredhatlibvirtMatch0.8.6
ORredhatlibvirtMatch0.8.7
ORredhatlibvirtMatch0.8.8
ORredhatlibvirtMatch0.9.0
ORredhatlibvirtMatch0.9.1
ORredhatlibvirtMatch0.9.2
ORredhatlibvirtMatch0.9.3
ORredhatlibvirtMatch0.9.4
ORredhatlibvirtMatch0.9.5
ORredhatlibvirtMatch0.9.6
ORredhatlibvirtMatch0.9.6.1
ORredhatlibvirtMatch0.9.6.2
ORredhatlibvirtMatch0.9.6.3
ORredhatlibvirtMatch0.9.7
ORredhatlibvirtMatch0.9.8
ORredhatlibvirtMatch0.9.9
ORredhatlibvirtMatch0.9.10
ORredhatlibvirtMatch0.9.11
ORredhatlibvirtMatch0.9.11.1
ORredhatlibvirtMatch0.9.11.2
ORredhatlibvirtMatch0.9.11.3
ORredhatlibvirtMatch0.9.11.4
ORredhatlibvirtMatch0.9.11.5
ORredhatlibvirtMatch0.9.11.6
ORredhatlibvirtMatch0.9.11.7
ORredhatlibvirtMatch0.9.11.8
ORredhatlibvirtMatch0.9.12
ORredhatlibvirtMatch0.9.13
ORredhatlibvirtMatch0.10.0
ORredhatlibvirtMatch0.10.1
ORredhatlibvirtMatch0.10.2
ORredhatlibvirtMatch0.10.2.1
ORredhatlibvirtMatch0.10.2.2
ORredhatlibvirtMatch0.10.2.3
ORredhatlibvirtMatch0.10.2.4
ORredhatlibvirtMatch0.10.2.5
ORredhatlibvirtMatch0.10.2.6
ORredhatlibvirtMatch0.10.2.7
ORredhatlibvirtMatch0.10.2.8
ORredhatlibvirtMatch1.0.0
ORredhatlibvirtMatch1.0.1
ORredhatlibvirtMatch1.0.2
ORredhatlibvirtMatch1.0.3
ORredhatlibvirtMatch1.0.4
ORredhatlibvirtMatch1.0.5
ORredhatlibvirtMatch1.0.5.1
ORredhatlibvirtMatch1.0.5.2
ORredhatlibvirtMatch1.0.5.3
ORredhatlibvirtMatch1.0.5.4
ORredhatlibvirtMatch1.0.5.5
ORredhatlibvirtMatch1.0.5.6
ORredhatlibvirtMatch1.0.6
ORredhatlibvirtMatch1.1.0
ORredhatlibvirtMatch1.1.1
ORredhatlibvirtMatch1.1.2
ORredhatlibvirtMatch1.1.3
ORredhatlibvirtMatch1.1.4
References
libvirt.org/news.html
lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
lists.opensuse.org/opensuse-updates/2014-02/msg00062.html
rhn.redhat.com/errata/RHSA-2014-0103.html
secunia.com/advisories/56321
secunia.com/advisories/56446
secunia.com/advisories/60895
security.gentoo.org/glsa/glsa-201412-04.xml
www.debian.org/security/2014/dsa-2846
www.securitytracker.com/id/1029695
www.ubuntu.com/usn/USN-2093-1
bugzilla.redhat.com/show_bug.cgi?id=1047577
Related
ubuntucve
ubuntucve
CVE-2014-1447
2014-01-24 00:00:00
prion
prion
Race condition
2014-01-24 18:55:00
Information disclosure
2014-01-15 16:13:00
debiancve
debiancve
CVE-2014-1447
2014-01-24 18:55:04
cvelist
cvelist
CVE-2014-1447
2014-01-24 18:00:00
nvd
nvd
CVE-2014-1447
2014-01-24 18:55:04
CVE-2014-1448
2014-01-15 16:13:04
veracode
veracode
Denial Of Service (DoS)
2018-08-14 04:05:13
oraclelinux
oraclelinux
libvirt security and bug fix update
2014-01-28 00:00:00
nessus
nessus
openSUSE Security Update : libvirt (openSUSE-SU-2014:0270-1)
2014-06-13 00:00:00
CentOS 6 : libvirt (CESA-2014:0103)
2014-01-30 00:00:00
SuSE 11.3 Security Update : libvirt (SAT Patch Number 8886)
2014-03-03 00:00:00
openvas
openvas
Debian Security Advisory DSA 2846-1 (libvirt - several vulnerabilities)
2014-01-17 00:00:00
Debian: Security Advisory (DSA-2846-1)
2014-01-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2014:0318-1)
2021-06-09 00:00:00
cve
cve
CVE-2014-1448
2014-01-15 16:13:04
osv
osv
libvirt - several
2014-01-17 00:00:00
CVE-2020-25637
2020-10-06 14:15:12
CVE-2023-2700
2023-05-15 22:15:12
debian
debian
[SECURITY] [DSA 2846-1] libvirt security update
2014-01-17 19:25:28
centos
centos
libvirt security update
2014-01-29 14:05:41
mageia
mageia
Updated libvirt packages fix two vulnerabilties
2014-02-12 02:06:14
securityvulns
securityvulns
libvirt security vulnerabilities
2014-01-29 00:00:00
[SECURITY] [DSA 2846-1] libvirt security update
2014-01-29 00:00:00
redhat
redhat
(RHSA-2014:0103) Moderate: libvirt security and bug fix update
2014-01-28 00:00:00
ubuntu
ubuntu
libvirt vulnerabilities
2014-01-30 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libvirt-1.1.3.3-1.fc20
2014-01-21 05:56:08
[SECURITY] Fedora 19 Update: libvirt-1.0.5.9-1.fc19
2014-01-26 11:54:32
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.2.2-alt1
2014-03-05 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
3.3 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
8 High
AI Score
Confidence
High
0.021 Low
EPSS
Percentile
89.1%
Related for CVE-2014-1447