Redhat: >> Libvirt >> 1.0.5 Security Vulnerabilities
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
CVSS Score
4.0
EPSS Score
0.006
Published
2013-09-30
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.
CVSS Score
5.0
EPSS Score
0.006
Published
2013-09-30
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool."
CVSS Score
5.0
EPSS Score
0.038
Published
2013-05-29
Page 4