REDHAT-BUG-1048629
First published: Sun Jan 05 2014(Updated: )
An invalid free flaw in the libxl driver in libvirt resulted in libvirt crashing if "virsh numatune" was run on an inactive domain. It may be possible, but unlikely, for an attacker to leverage this flaw for arbitrary code execution. This issue affects the version of libvirt in Fedora 20. It does not affect the versions of libvirt in Red Hat Enterprise Linux 5 and 6 as those versions do not use libxl.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Oracle Libvirt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-1048629?
The severity of REDHAT-BUG-1048629 is considered high due to its potential to crash libvirt.
How do I fix REDHAT-BUG-1048629?
To fix REDHAT-BUG-1048629, update libvirt to a version that addresses the invalid free flaw.
What impact does REDHAT-BUG-1048629 have on system security?
REDHAT-BUG-1048629 may allow for arbitrary code execution, although it is considered unlikely.
Which versions of libvirt are affected by REDHAT-BUG-1048629?
REDHAT-BUG-1048629 affects the version of libvirt in Fedora 20.
Can REDHAT-BUG-1048629 be exploited remotely?
Exploitation of REDHAT-BUG-1048629 would require local access to the system, making a remote exploit unlikely.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2013-6457
- agent/severity
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/libvirt
- canonical/oracle libvirt