Lucene search
Ubuntu.comUB:CVE-2013-4154HistorySep 30, 2013 - 12:00 a.m.
CVE-2013-4154
2013-09-3000:00:00
ubuntu.com
ubuntu.com
8
0.014 Low
EPSS
Percentile
86.3%
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent
is not configured, allows remote attackers to cause a denial of service
(NULL pointer dereference and crash) via vectors related to “agent based
cpu (un)plug,” as demonstrated by the “virsh vcpucount foobar --guest”
command.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=d47eff88fe50e43a36671f6d8d0eeda52835d5e0 which is in 1.1.0 |
References
openwall.com/lists/oss-security/2013/07/19/12
bugzilla.redhat.com/show_bug.cgi?id=986386
launchpad.net/bugs/cve/CVE-2013-4154
nvd.nist.gov/vuln/detail/CVE-2013-4154
security-tracker.debian.org/tracker/CVE-2013-4154
www.cve.org/CVERecord?id=CVE-2013-4154
www.redhat.com/archives/libvir-list/2013-July/msg00992.html
Related
prion
prion
Null pointer dereference
2013-09-30 21:55:00
cvelist
cvelist
CVE-2013-4154
2013-09-30 21:00:00
cve
cve
CVE-2013-4154
2013-09-30 21:55:00
debiancve
debiancve
CVE-2013-4154
2013-09-30 21:55:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.1.1-alt1
2013-08-08 00:00:00
osv
osv