CVE-2013-4399
12.12.2014, 15:59
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | libvirt | 𝑥 ≤ 1.1.3 |
| redhat | libvirt | 0.0.1 |
| redhat | libvirt | 0.0.2 |
| redhat | libvirt | 0.0.3 |
| redhat | libvirt | 0.0.4 |
| redhat | libvirt | 0.0.5 |
| redhat | libvirt | 0.0.6 |
| redhat | libvirt | 0.1.0 |
| redhat | libvirt | 0.1.1 |
| redhat | libvirt | 0.1.3 |
| redhat | libvirt | 0.1.4 |
| redhat | libvirt | 0.1.5 |
| redhat | libvirt | 0.1.6 |
| redhat | libvirt | 0.1.7 |
| redhat | libvirt | 0.1.8 |
| redhat | libvirt | 0.1.9 |
| redhat | libvirt | 0.2.0 |
| redhat | libvirt | 0.2.1 |
| redhat | libvirt | 0.2.2 |
| redhat | libvirt | 0.2.3 |
| redhat | libvirt | 0.3.0 |
| redhat | libvirt | 0.3.1 |
| redhat | libvirt | 0.3.2 |
| redhat | libvirt | 0.3.3 |
| redhat | libvirt | 0.4.0 |
| redhat | libvirt | 0.4.1 |
| redhat | libvirt | 0.4.2 |
| redhat | libvirt | 0.4.3 |
| redhat | libvirt | 0.4.4 |
| redhat | libvirt | 0.4.5 |
| redhat | libvirt | 0.4.6 |
| redhat | libvirt | 0.5.0 |
| redhat | libvirt | 0.5.1 |
| redhat | libvirt | 0.6.0 |
| redhat | libvirt | 0.6.1 |
| redhat | libvirt | 0.6.2 |
| redhat | libvirt | 0.6.3 |
| redhat | libvirt | 0.6.4 |
| redhat | libvirt | 0.6.5 |
| redhat | libvirt | 0.7.0 |
| redhat | libvirt | 0.7.1 |
| redhat | libvirt | 0.7.2 |
| redhat | libvirt | 0.7.3 |
| redhat | libvirt | 0.7.4 |
| redhat | libvirt | 0.7.5 |
| redhat | libvirt | 0.7.6 |
| redhat | libvirt | 0.7.7 |
| redhat | libvirt | 0.8.0 |
| redhat | libvirt | 0.8.1 |
| redhat | libvirt | 0.8.2 |
| redhat | libvirt | 0.8.3 |
| redhat | libvirt | 0.8.4 |
| redhat | libvirt | 0.8.5 |
| redhat | libvirt | 0.8.6 |
| redhat | libvirt | 0.8.7 |
| redhat | libvirt | 0.8.8 |
| redhat | libvirt | 0.9.0 |
| redhat | libvirt | 0.9.1 |
| redhat | libvirt | 0.9.2 |
| redhat | libvirt | 0.9.3 |
| redhat | libvirt | 0.9.4 |
| redhat | libvirt | 0.9.5 |
| redhat | libvirt | 0.9.6 |
| redhat | libvirt | 0.9.6.1 |
| redhat | libvirt | 0.9.6.2 |
| redhat | libvirt | 0.9.6.3 |
| redhat | libvirt | 0.9.7 |
| redhat | libvirt | 0.9.8 |
| redhat | libvirt | 0.9.9 |
| redhat | libvirt | 0.9.10 |
| redhat | libvirt | 0.9.11 |
| redhat | libvirt | 0.9.11.1 |
| redhat | libvirt | 0.9.11.2 |
| redhat | libvirt | 0.9.11.3 |
| redhat | libvirt | 0.9.11.4 |
| redhat | libvirt | 0.9.11.5 |
| redhat | libvirt | 0.9.11.6 |
| redhat | libvirt | 0.9.11.7 |
| redhat | libvirt | 0.9.11.8 |
| redhat | libvirt | 0.9.12 |
| redhat | libvirt | 0.9.13 |
| redhat | libvirt | 0.10.0 |
| redhat | libvirt | 0.10.1 |
| redhat | libvirt | 0.10.2 |
| redhat | libvirt | 0.10.2.1 |
| redhat | libvirt | 0.10.2.2 |
| redhat | libvirt | 0.10.2.3 |
| redhat | libvirt | 0.10.2.4 |
| redhat | libvirt | 0.10.2.5 |
| redhat | libvirt | 0.10.2.6 |
| redhat | libvirt | 0.10.2.7 |
| redhat | libvirt | 0.10.2.8 |
| redhat | libvirt | 1.0.0 |
| redhat | libvirt | 1.0.1 |
| redhat | libvirt | 1.0.2 |
| redhat | libvirt | 1.0.3 |
| redhat | libvirt | 1.0.4 |
| redhat | libvirt | 1.0.5 |
| redhat | libvirt | 1.0.5.1 |
| redhat | libvirt | 1.0.5.2 |
| redhat | libvirt | 1.0.5.3 |
| redhat | libvirt | 1.0.5.4 |
| redhat | libvirt | 1.0.5.5 |
| redhat | libvirt | 1.0.5.6 |
| redhat | libvirt | 1.0.6 |
| redhat | libvirt | 1.1.0 |
| redhat | libvirt | 1.1.1 |
| redhat | libvirt | 1.1.2 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
openSUSE / SLES Releases
openSUSE Product | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| libvirt |
| ||||||||
| libvirt-admin |
| ||||||||
| libvirt-client |
| ||||||||
| libvirt-daemon |
| ||||||||
| libvirt-daemon-config-network |
| ||||||||
| libvirt-daemon-config-nwfilter |
| ||||||||
| libvirt-daemon-driver-interface |
| ||||||||
| libvirt-daemon-driver-libxl |
| ||||||||
| libvirt-daemon-driver-lxc |
| ||||||||
| libvirt-daemon-driver-network |
| ||||||||
| libvirt-daemon-driver-nodedev |
| ||||||||
| libvirt-daemon-driver-nwfilter |
| ||||||||
| libvirt-daemon-driver-qemu |
| ||||||||
| libvirt-daemon-driver-secret |
| ||||||||
| libvirt-daemon-driver-storage |
| ||||||||
| libvirt-daemon-driver-storage-core |
| ||||||||
| libvirt-daemon-driver-storage-disk |
| ||||||||
| libvirt-daemon-driver-storage-iscsi |
| ||||||||
| libvirt-daemon-driver-storage-logical |
| ||||||||
| libvirt-daemon-driver-storage-mpath |
| ||||||||
| libvirt-daemon-driver-storage-rbd |
| ||||||||
| libvirt-daemon-driver-storage-scsi |
| ||||||||
| libvirt-daemon-hooks |
| ||||||||
| libvirt-daemon-lxc |
| ||||||||
| libvirt-daemon-qemu |
| ||||||||
| libvirt-daemon-xen |
| ||||||||
| libvirt-devel |
| ||||||||
| libvirt-doc |
| ||||||||
| libvirt-libs |
| ||||||||
| libvirt-lock-sanlock |
| ||||||||
| libvirt-nss |
|
References