CVE-2013-4369

CVE-2013-4369 affects the Xen libxlu xlu_vif_parse_rate function, allowing a local denial of service via a NULL pointer when an @ is used as the VIF rate configuration in Xen 4.2.x and 4.3.x. Connected advisories indicate this was addressed as part of XSA-68 (SUSE/OpenVZ references), with fixes f...

possible null dereference when parsing vif ratelimiting info

ISSUE DESCRIPTION The libxlu library function xluvifparserate does not properly handle inputs which consist solely of the '@' character, leading to a NULL pointer dereference. IMPACT A toolstack which allows untrusted users to specify an arbitrary configuration for the VIF rate can be subjected t...