SOL17218 - Libvirt vulnerability CVE-2014-8135

ID SOL17218
Type f5
Reporter f5
Modified 2015-09-03T00:00:00


The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command. (CVE-2014-8135)