Vulnerability Details CVE-2015-5247
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.2%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2015-5247
-
cpe:2.3:a:redhat:libvirt:1.2.14
-
cpe:2.3:a:redhat:libvirt:1.2.15
-
cpe:2.3:a:redhat:libvirt:1.2.16
-
cpe:2.3:a:redhat:libvirt:1.2.17
-
cpe:2.3:a:redhat:libvirt:1.2.18
-
cpe:2.3:a:redhat:libvirt:1.2.19
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:15.04
-
cpe:2.3:o:canonical:ubuntu_linux:15.10