3.3 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
libvirt is vulnerable to denial of service. A flaw was found in the way libvirtd handled error reporting for concurrent connections. A remote attacker able to establish read-only connections to libvirtd on a server could use this flaw to crash libvirtd.
libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=f44bfb7fb978c9313ce050a1c4149bf04aa0a670
libvirt.org/git/?p=libvirt.git;a=commit;h=f44bfb7fb978c9313ce050a1c4149bf04aa0a670
secunia.com/advisories/44459
securitytracker.com/id?1025477
support.avaya.com/css/P8/documents/100134583
www.debian.org/security/2011/dsa-2280
www.redhat.com/support/errata/RHSA-2011-0478.html
www.redhat.com/support/errata/RHSA-2011-0479.html
www.securityfocus.com/bid/47148
www.ubuntu.com/usn/USN-1152-1
access.redhat.com/errata/RHSA-2011:0478
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=693391
www.redhat.com/archives/libvir-list/2011-March/msg01087.html