CVSS: 9.8EPSS: 1%CPEs: 9EXPL: 0CVE-2014-3657 – libvirt: domain_conf: domain deadlock DoS
https://notcve.org/view.php?id=CVE-2014-3657
02 Oct 2014 — The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command. La función virDomainListPopulate en conf/domain_conf.c en libvirt anterior a 1.2.9 no limpia el bloqueo en la lista de dominios, lo que permite a atacantes remotos causar una denegación de servicio (bloqueo mutuo) a través d... • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=fc22b2e74890873848b43fffae43025d22053669 • CWE-20: Improper Input Validation CWE-399: Resource Management Errors •
CVSS: 9.8EPSS: 3%CPEs: 12EXPL: 0CVE-2014-3633 – libvirt: qemu: out-of-bounds read access in qemuDomainGetBlockIoTune() due to invalid index
https://notcve.org/view.php?id=CVE-2014-3633
30 Sep 2014 — The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read. La función qemuDomainGetBlockIoTune en qemu/qemu_driver.c en libvirt anterior a 1.2.9, cuando un disco ha sido conectado en caliente o eliminado de la imagen en vivo, permite a atacantes remotos ca... • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 75EXPL: 0CVE-2014-0179 – libvirt: unsafe parsing of XML documents allows libvirt DoS and/or arbitrary file read
https://notcve.org/view.php?id=CVE-2014-0179
19 May 2014 — libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document containing an XML external entity declaration in conjunction with an entity reference to the (1) virConnectCompareCPU or (2) virConnectBaselineCPU API method, related to an XML External Entity (XXE) issue. NOTE: this issue was SPLIT per ADT3 due to different affected versions of some vectors. CVE-2014-5177 is used for other API methods. libvirt 0.7.5 hasta 1.2.x anterior ... • http://libvirt.org/news.html • CWE-20: Improper Input Validation CWE-611: Improper Restriction of XML External Entity Reference •
CVSS: 9.8EPSS: 0%CPEs: 17EXPL: 0CVE-2013-7336 – Gentoo Linux Security Advisory 201412-04
https://notcve.org/view.php?id=CVE-2013-7336
07 May 2014 — The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function. La función qemuMigrationWaitForSpice en qemu/qemu_migration.c en libvirt anterior a 1.1.3 no entra debidamente en un monitor cuando realiza migr... • http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=484cc321 •
CVSS: 9.8EPSS: 0%CPEs: 110EXPL: 0CVE-2013-6457 – Ubuntu Security Notice USN-2093-1
https://notcve.org/view.php?id=CVE-2013-6457
24 Jan 2014 — The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command. La función libxlDomainGetNumaParameters en el driver libxl (libxl/libxl_driver.c) de libvirt anteriores a 1.2.1 no inicializa correctamente el nodemap, lo cual permite a usuarios loca... • http://libvirt.org/news.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 1%CPEs: 110EXPL: 0CVE-2013-6458 – qemu: job usage issue in several APIs leading to libvirtd crash
https://notcve.org/view.php?id=CVE-2013-6458
18 Jan 2014 — Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command. Múltiples condiciones de carrera en las funciones (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl y (4) virDomainGetBlockIoTu... • http://libvirt.org/news.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 6%CPEs: 110EXPL: 1CVE-2014-1447 – libvirt: denial of service with keepalive
https://notcve.org/view.php?id=CVE-2014-1447
18 Jan 2014 — Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. Condición de carrera en la función virNetServerClientStartKeepAlive en libvirt anteriores a 1.2.1 permite a atacantes remotos causar denegación de servicio (caída de libvirtd) mediante el cierre de conexiones antes de que una respuesta keepalive sea enviada. Martin Kletzander discovered that ... • https://github.com/tagatac/libvirt-CVE-2014-1447 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.8EPSS: 0%CPEs: 93EXPL: 0CVE-2013-2230
https://notcve.org/view.php?id=CVE-2013-2230
30 Sep 2013 — The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration." El controlador qemu (qemu/qemu_driver.c) en libvirt anteriores a 1.1.1 permite a usuarios autenticados remotos causar una denegación de servicio (caída del demonio) a través de vectores no especificados que involucran "multiple events registration". • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f38c8185f97720ecae7ef2291fbaa5d6b0209e17 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 0%CPEs: 8EXPL: 1CVE-2013-4154
https://notcve.org/view.php?id=CVE-2013-4154
30 Sep 2013 — The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command. La función qemuAgentCommand en libvirt anteriores a 1.1.1, cuando no es configurado un agente invitado, permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo y cuelgue) a través ... • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=96518d4316b711c72205117f8d5c967d5127bbb6 •
CVSS: 7.8EPSS: 0%CPEs: 3EXPL: 0CVE-2013-4291
https://notcve.org/view.php?id=CVE-2013-4291
30 Sep 2013 — The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges. La función virSecurityManagerSetProcessLabel en libvirt 0.10.2.7, 1.0.5.5, y 1.1.1, cuando el dominio ha leído una etiqueta uid:gid, no establece adecuadamente las pertenencias a grupos, lo que permite a usuarios locales ganar privilegios. • http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=fe11d34a6d46d6641ce90dc665164fda7bb6bff8 • CWE-264: Permissions, Privileges, and Access Controls •