CVE-2013-7336: Null Pointer Dereference
First published: Tue Mar 18 2014(Updated: )
Description of the problem: Domblkstat is possible even with read-only connection, so whenever migration with spice is done and domblkstat gets called at the same time as qemuMonitorGetSpiceMigrationStatus(), there is certain possibility that the daemon crashes. An unprivileged user able to issue commands to running libvirtd could use this flaw to crash libvirtd and prevent more privileged clients from working correctly. Upstream fix: <a href="http://libvirt.org/git/?p=libvirt.git;a=commit;h=484cc321">http://libvirt.org/git/?p=libvirt.git;a=commit;h=484cc321</a> Acknowledgements: This issue was discovered by Marian Krcmarik of Red Hat.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Redhat Libvirt | <=1.1.2 | |
| Redhat Libvirt | =1.0.0 | |
| Redhat Libvirt | =1.0.1 | |
| Redhat Libvirt | =1.0.2 | |
| Redhat Libvirt | =1.0.3 | |
| Redhat Libvirt | =1.0.4 | |
| Redhat Libvirt | =1.0.5 | |
| Redhat Libvirt | =1.0.5.1 | |
| Redhat Libvirt | =1.0.5.2 | |
| Redhat Libvirt | =1.0.5.3 | |
| Redhat Libvirt | =1.0.5.4 | |
| Redhat Libvirt | =1.0.5.5 | |
| Redhat Libvirt | =1.0.5.6 | |
| Redhat Libvirt | =1.0.6 | |
| Redhat Libvirt | =1.1.0 | |
| Redhat Libvirt | =1.1.1 | |
| openSUSE openSUSE | =13.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://libvirt.org/git/?p=libvirt.git;a=commit;h=484cc321
- http://rhn.redhat.com/errata/RHBA-2013-1581.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1077620#c1
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=920205
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1077620#c2
- https://bugzilla.redhat.com/show_bug.cgi?id=1077620
- http://libvirt.org/news.html
- http://lists.opensuse.org/opensuse-updates/2014-05/msg00004.html
- http://secunia.com/advisories/60895
- http://security.gentoo.org/glsa/glsa-201412-04.xml
- http://www.openwall.com/lists/oss-security/2014/03/18/1
- http://www.openwall.com/lists/oss-security/2014/03/18/3
- collector/redhat-bugzilla
- alias/CVE-2013-7336
- agent/type
- agent/references
- agent/first-publish-date
- agent/remedy
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/redhat libvirt
- version/redhat libvirt/1.1.2
- version/redhat libvirt/1.0.0
- version/redhat libvirt/1.0.1
- version/redhat libvirt/1.0.2
- version/redhat libvirt/1.0.3
- version/redhat libvirt/1.0.4
- version/redhat libvirt/1.0.5
- version/redhat libvirt/1.0.5.1
- version/redhat libvirt/1.0.5.2
- version/redhat libvirt/1.0.5.3
- version/redhat libvirt/1.0.5.4
- version/redhat libvirt/1.0.5.5
- version/redhat libvirt/1.0.5.6
- version/redhat libvirt/1.0.6
- version/redhat libvirt/1.1.0
- version/redhat libvirt/1.1.1
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/13.1