CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
AI Score
Confidence
High
EPSS
Percentile
89.5%
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.
Vendor | Product | Version | CPE |
---|---|---|---|
redhat | libvirt | * | cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:* |
redhat | libvirt | 0.0.1 | cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:* |
redhat | libvirt | 0.0.2 | cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:* |
redhat | libvirt | 0.0.3 | cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:* |
redhat | libvirt | 0.0.4 | cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:* |
redhat | libvirt | 0.0.5 | cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:* |
redhat | libvirt | 0.0.6 | cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:* |
redhat | libvirt | 0.1.0 | cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:* |
redhat | libvirt | 0.1.1 | cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:* |
redhat | libvirt | 0.1.3 | cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:* |
libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=f44bfb7fb978c9313ce050a1c4149bf04aa0a670
secunia.com/advisories/44459
securitytracker.com/id?1025477
support.avaya.com/css/P8/documents/100134583
www.debian.org/security/2011/dsa-2280
www.redhat.com/support/errata/RHSA-2011-0478.html
www.redhat.com/support/errata/RHSA-2011-0479.html
www.securityfocus.com/bid/47148
www.ubuntu.com/usn/USN-1152-1
bugzilla.redhat.com/show_bug.cgi?id=693391
www.redhat.com/archives/libvir-list/2011-March/msg01087.html