Null pointer dereference

2013-09-3021:55:00

PRIOn knowledge base

www.prio-n.com

6.4 Medium

AI Score

Confidence

Low

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.01 Low

EPSS

Percentile

83.5%

JSON

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.

CPENameOperatorVersion
ubuntu_linuxeq13.04
ubuntu_linuxeq12.10
ubuntu_linuxeq12.4 lts
ubuntu_linuxeq10.4 lts
enterprise_linuxeq6.0
libvirteq0.9.13
libvirteq1.0.5.4
libvirteq0.9.2
libvirteq0.9.5
libvirteq1.0.5.3

Name	Operator	Version
ubuntu_linux	eq	13.04
ubuntu_linux	eq	12.10
ubuntu_linux	eq	12.4 lts
ubuntu_linux	eq	10.4 lts
enterprise_linux	eq	6.0
libvirt	eq	0.9.13
libvirt	eq	1.0.5.4
libvirt	eq	0.9.2
libvirt	eq	0.9.5
libvirt	eq	1.0.5.3