CVE-2013-0170
08.02.2013, 20:55
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.Enginsight
Vendor | Product | Version |
---|---|---|
redhat | libvirt | 0.9.6 ≤ 𝑥 < 0.9.6.4 |
redhat | libvirt | 0.9.11 ≤ 𝑥 < 0.9.11.9 |
redhat | libvirt | 0.10.2 ≤ 𝑥 < 0.10.2.3 |
redhat | libvirt | 1.0.0 ≤ 𝑥 < 1.0.2 |
opensuse | opensuse | 12.1 |
opensuse | opensuse | 12.2 |
redhat | enterprise_linux_desktop | 6.0 |
redhat | enterprise_linux_eus | 6.3 |
redhat | enterprise_linux_server | 6.0 |
redhat | enterprise_linux_workstation | 6.0 |
canonical | ubuntu_linux | 12.04 |
canonical | ubuntu_linux | 12.10 |
𝑥
= Vulnerable software versions
![Debian logo](https://cve.enginsight.com/assets/img/debian.png)
Debian Releases
![Ubuntu logo](https://cve.enginsight.com/assets/img/ubuntu.png)
Ubuntu Releases
Common Weakness Enumeration
References