3 matches found
libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune function looked up the disk index in a non-persistent live disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could us...
UBUNTU-CVE-2014-3633
The qemuDomainGetBlockIoTune function in qemu/qemudriver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service crash or read sensitive heap information via a crafted blkiotune query, which triggers an...
qemu: job usage issue in several APIs leading to libvirtd crash
Multiple race conditions in the 1 virDomainBlockStats, 2 virDomainGetBlockInf, 3 qemuDomainBlockJobImpl, and 4 virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service libvirtd...