CVE-2012-4423: Null Pointer Dereference
First published: Thu Sep 13 2012(Updated: )
It has been found that sending RPC message with an event as the RPC number, or RPC number that falls into gap in the RPC dispatch table, can lead to libvirtd accessing memory at page zero. A remote attacker could use this flaw to crash libvirtd (DoS). Proposed upstream fix: <a href="https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html">https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html</a>
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | <=0.10.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.0.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.0.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.0.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.0.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.0.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.0.6 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.6 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.7 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.8 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.1.9 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.2.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.2.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.2.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.2.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.3.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.3.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.3.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.3.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.4.6 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.5.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.5.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.6.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.6.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.6.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.6.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.6.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.6.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.6 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.7.7 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.6 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.7 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.8.8 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.0 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.1 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.2 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.3 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.4 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.5 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.6 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.7 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.8 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.9 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.10 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.11 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.12 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.9.13 | |
| Red Hat Libvirt-daemon-driver-storage-iscsi-direct | =0.10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=857135
- https://rhn.redhat.com/errata/RHSA-2012-1359.html
- https://bugzilla.redhat.com/show_bug.cgi?id=857133
- http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a
- http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html
- http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html
- http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html
- http://rhn.redhat.com/errata/RHSA-2012-1359.html
- http://www.openwall.com/lists/oss-security/2012/09/13/14
- http://www.securityfocus.com/bid/55541
- http://www.securitytracker.com/id?1027649
- http://www.ubuntu.com/usn/USN-1708-1
Frequently Asked Questions
What is the severity of CVE-2012-4423?
The severity of CVE-2012-4423 is classified as high due to its potential to cause a denial of service.
How do I fix CVE-2012-4423?
To fix CVE-2012-4423, upgrade to the latest version of libvirt that addresses this vulnerability.
Who is affected by CVE-2012-4423?
CVE-2012-4423 affects versions of libvirt from 0.10.1 and earlier.
What type of attack does CVE-2012-4423 enable?
CVE-2012-4423 enables a remote attacker to cause a crash of the libvirtd service, resulting in a denial of service.
Is there a patch available for CVE-2012-4423?
Yes, a patch to address CVE-2012-4423 has been proposed and is available in newer versions of libvirt.
- collector/redhat-bugzilla
- alias/CVE-2012-4423
- agent/references
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/severity
- agent/weakness
- agent/author
- agent/description
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat libvirt-daemon-driver-storage-iscsi-direct
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.10.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.0.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.0.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.0.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.0.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.0.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.0.6
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.6
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.7
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.8
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.1.9
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.2.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.2.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.2.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.2.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.3.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.3.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.3.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.3.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.4.6
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.5.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.5.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.6.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.6.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.6.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.6.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.6.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.6.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.6
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.7.7
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.6
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.7
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.8.8
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.0
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.1
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.2
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.3
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.4
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.5
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.6
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.7
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.8
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.9
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.10
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.11
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.12
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.9.13
- version/red hat libvirt-daemon-driver-storage-iscsi-direct/0.10.0