CVSS2
Attack Vector
LOCAL
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:L/AC:M/Au:N/C:P/I:P/A:P
EPSS
Percentile
10.3%
Buffer overflow in the proxyReadClientSocket function in
proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users to
gain privileges by sending a portion of the header of a virProxyPacket
packet, and then sending the remainder of the packet with crafted values in
the header, related to use of uninitialized memory in a validation check.
Author | Note |
---|---|
jdstrand | code exists but is not compiled on Ubuntu |