libvirt: error reporting in libvirtd is not thread safe

🗓️ 02 May 2011 18:13:00Reported by RedHatType

redhat

redhat🔗 access.redhat.com👁 2 Views

Libvirt daemon libvirtd before 0.9.0 has non thread safe error reporting, enabling remote denial of service.

Reporter	Title	Published	Views	Family All 78
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
BDU FSTEC	The vulnerability of the Red Hat Enterprise Linux operating system allows malicious actors to compromise the confidentiality, integrity, and accessibility of protected information.	28 Apr 201500:00	–	bdu_fstec
Tenable Nessus	CentOS 5 : libvirt / libvirt.test (CESA-2011:0478)	5 May 201100:00	–	nessus
Tenable Nessus	Debian DSA-2280-1 : libvirt - several vulnerabilities	20 Jul 201100:00	–	nessus
Tenable Nessus	Fedora 13 : libvirt-0.8.2-6.fc13 (2011-4870)	19 Apr 201100:00	–	nessus
Tenable Nessus	Fedora 14 : libvirt-0.8.3-9.fc14 (2011-4896)	12 Apr 201100:00	–	nessus
Tenable Nessus	Fedora 15 : libvirt-0.8.8-4.fc15 (2011-4964)	18 Apr 201100:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Red Hat Enterprise Linux	5	i386	libvirt	0:0.8.2-15.el5_6.4	libvirt-0:0.8.2-15.el5_6.4.i386.rpm
Red Hat Enterprise Linux	5	ia64	libvirt	0:0.8.2-15.el5_6.4	libvirt-0:0.8.2-15.el5_6.4.ia64.rpm
Red Hat Enterprise Linux	5	x86_64	libvirt	0:0.8.2-15.el5_6.4	libvirt-0:0.8.2-15.el5_6.4.x86_64.rpm
Red Hat Enterprise Linux	5	i386	libvirt-debuginfo	0:0.8.2-15.el5_6.4	libvirt-debuginfo-0:0.8.2-15.el5_6.4.i386.rpm
Red Hat Enterprise Linux	5	ia64	libvirt-debuginfo	0:0.8.2-15.el5_6.4	libvirt-debuginfo-0:0.8.2-15.el5_6.4.ia64.rpm
Red Hat Enterprise Linux	5	x86_64	libvirt-debuginfo	0:0.8.2-15.el5_6.4	libvirt-debuginfo-0:0.8.2-15.el5_6.4.x86_64.rpm
Red Hat Enterprise Linux	5	i386	libvirt-devel	0:0.8.2-15.el5_6.4	libvirt-devel-0:0.8.2-15.el5_6.4.i386.rpm
Red Hat Enterprise Linux	5	ia64	libvirt-devel	0:0.8.2-15.el5_6.4	libvirt-devel-0:0.8.2-15.el5_6.4.ia64.rpm
Red Hat Enterprise Linux	5	x86_64	libvirt-devel	0:0.8.2-15.el5_6.4	libvirt-devel-0:0.8.2-15.el5_6.4.x86_64.rpm
Red Hat Enterprise Linux	5	i386	libvirt-python	0:0.8.2-15.el5_6.4	libvirt-python-0:0.8.2-15.el5_6.4.i386.rpm

Source	Link
access	www.access.redhat.com/security/cve/CVE-2011-1486
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
nvd	www.nvd.nist.gov/vuln/detail/CVE-2011-1486
cve	www.cve.org/CVERecord

21 Nov 2025 17:38Current

7.4High risk

Vulners AI Score7.4

CVSS 23.3

EPSS0.00859

libvirt libvirtd thread safety error reporting remote attack denial of service unix