Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files.
CPE | Name | Operator | Version |
---|---|---|---|
libguestfs | eq | 1.21.11 | |
libguestfs | eq | 1.21.20 | |
libguestfs | eq | 1.21.8 | |
libguestfs | eq | 1.21.4 | |
libguestfs | eq | 1.20.3 | |
libguestfs | eq | 1.21.14 | |
libguestfs | eq | 1.21.10 | |
libguestfs | eq | 1.21.21 | |
libguestfs | eq | 1.21.22 | |
libguestfs | eq | 1.23.0 |
osvdb.org/93724
seclists.org/oss-sec/2013/q2/431
www.securityfocus.com/bid/60205
exchange.xforce.ibmcloud.com/vulnerabilities/85145
github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd
www.redhat.com/archives/libguestfs/2013-May/msg00079.html
www.redhat.com/archives/libguestfs/2013-May/msg00080.html