CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
95.5%
The virNetServerProgramDispatchCall function in libvirt before 0.10.2
allows remote attackers to cause a denial of service (NULL pointer
dereference and segmentation fault) via an RPC call with (1) an event as
the RPC number or (2) an RPC number whose value is in a “gap” in the RPC
dispatch table.
Author | Note |
---|---|
mdeslaur | introduced in 0.9.3 |
www.openwall.com/lists/oss-security/2012/09/13/11
launchpad.net/bugs/cve/CVE-2012-4423
nvd.nist.gov/vuln/detail/CVE-2012-4423
security-tracker.debian.org/tracker/CVE-2012-4423
ubuntu.com/security/notices/USN-1708-1
www.cve.org/CVERecord?id=CVE-2012-4423
www.redhat.com/archives/libvir-list/2012-September/msg00843.html