CVE-2013-4399
EUVD-2013-427812.12.2014, 15:59
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | libvirt | 𝑥 ≤ 1.1.3 |
| redhat | libvirt | 0.0.1 |
| redhat | libvirt | 0.0.2 |
| redhat | libvirt | 0.0.3 |
| redhat | libvirt | 0.0.4 |
| redhat | libvirt | 0.0.5 |
| redhat | libvirt | 0.0.6 |
| redhat | libvirt | 0.1.0 |
| redhat | libvirt | 0.1.1 |
| redhat | libvirt | 0.1.3 |
| redhat | libvirt | 0.1.4 |
| redhat | libvirt | 0.1.5 |
| redhat | libvirt | 0.1.6 |
| redhat | libvirt | 0.1.7 |
| redhat | libvirt | 0.1.8 |
| redhat | libvirt | 0.1.9 |
| redhat | libvirt | 0.2.0 |
| redhat | libvirt | 0.2.1 |
| redhat | libvirt | 0.2.2 |
| redhat | libvirt | 0.2.3 |
| redhat | libvirt | 0.3.0 |
| redhat | libvirt | 0.3.1 |
| redhat | libvirt | 0.3.2 |
| redhat | libvirt | 0.3.3 |
| redhat | libvirt | 0.4.0 |
| redhat | libvirt | 0.4.1 |
| redhat | libvirt | 0.4.2 |
| redhat | libvirt | 0.4.3 |
| redhat | libvirt | 0.4.4 |
| redhat | libvirt | 0.4.5 |
| redhat | libvirt | 0.4.6 |
| redhat | libvirt | 0.5.0 |
| redhat | libvirt | 0.5.1 |
| redhat | libvirt | 0.6.0 |
| redhat | libvirt | 0.6.1 |
| redhat | libvirt | 0.6.2 |
| redhat | libvirt | 0.6.3 |
| redhat | libvirt | 0.6.4 |
| redhat | libvirt | 0.6.5 |
| redhat | libvirt | 0.7.0 |
| redhat | libvirt | 0.7.1 |
| redhat | libvirt | 0.7.2 |
| redhat | libvirt | 0.7.3 |
| redhat | libvirt | 0.7.4 |
| redhat | libvirt | 0.7.5 |
| redhat | libvirt | 0.7.6 |
| redhat | libvirt | 0.7.7 |
| redhat | libvirt | 0.8.0 |
| redhat | libvirt | 0.8.1 |
| redhat | libvirt | 0.8.2 |
| redhat | libvirt | 0.8.3 |
| redhat | libvirt | 0.8.4 |
| redhat | libvirt | 0.8.5 |
| redhat | libvirt | 0.8.6 |
| redhat | libvirt | 0.8.7 |
| redhat | libvirt | 0.8.8 |
| redhat | libvirt | 0.9.0 |
| redhat | libvirt | 0.9.1 |
| redhat | libvirt | 0.9.2 |
| redhat | libvirt | 0.9.3 |
| redhat | libvirt | 0.9.4 |
| redhat | libvirt | 0.9.5 |
| redhat | libvirt | 0.9.6 |
| redhat | libvirt | 0.9.6.1 |
| redhat | libvirt | 0.9.6.2 |
| redhat | libvirt | 0.9.6.3 |
| redhat | libvirt | 0.9.7 |
| redhat | libvirt | 0.9.8 |
| redhat | libvirt | 0.9.9 |
| redhat | libvirt | 0.9.10 |
| redhat | libvirt | 0.9.11 |
| redhat | libvirt | 0.9.11.1 |
| redhat | libvirt | 0.9.11.2 |
| redhat | libvirt | 0.9.11.3 |
| redhat | libvirt | 0.9.11.4 |
| redhat | libvirt | 0.9.11.5 |
| redhat | libvirt | 0.9.11.6 |
| redhat | libvirt | 0.9.11.7 |
| redhat | libvirt | 0.9.11.8 |
| redhat | libvirt | 0.9.12 |
| redhat | libvirt | 0.9.13 |
| redhat | libvirt | 0.10.0 |
| redhat | libvirt | 0.10.1 |
| redhat | libvirt | 0.10.2 |
| redhat | libvirt | 0.10.2.1 |
| redhat | libvirt | 0.10.2.2 |
| redhat | libvirt | 0.10.2.3 |
| redhat | libvirt | 0.10.2.4 |
| redhat | libvirt | 0.10.2.5 |
| redhat | libvirt | 0.10.2.6 |
| redhat | libvirt | 0.10.2.7 |
| redhat | libvirt | 0.10.2.8 |
| redhat | libvirt | 1.0.0 |
| redhat | libvirt | 1.0.1 |
| redhat | libvirt | 1.0.2 |
| redhat | libvirt | 1.0.3 |
| redhat | libvirt | 1.0.4 |
| redhat | libvirt | 1.0.5 |
| redhat | libvirt | 1.0.5.1 |
| redhat | libvirt | 1.0.5.2 |
| redhat | libvirt | 1.0.5.3 |
| redhat | libvirt | 1.0.5.4 |
| redhat | libvirt | 1.0.5.5 |
| redhat | libvirt | 1.0.5.6 |
| redhat | libvirt | 1.0.6 |
| redhat | libvirt | 1.1.0 |
| redhat | libvirt | 1.1.1 |
| redhat | libvirt | 1.1.2 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
References