CVE-2013-2218 – libvirt - 'virConnectListAllInterfaces' Method Denial of Service
https://notcve.org/view.php?id=CVE-2013-2218
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command. Vulnerabilidad de doble liberación en el método virConnectListAllInterfaces en interface/interface_backend_netcf.c de libvirt 1.0.6 permite a atacantes remotos causar una denegación de servicio (caída de libvirtd) a través de un flag "filtering" que causa que un interfaz sea omitido, como fue demostrado por el comando "virsh iface-list --inactive". • https://www.exploit-db.com/exploits/38622 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=244e0b8cf15ca2ef48d82058e728656e6c4bad11 http://libvirt.org/news.html http://www.openwall.com/lists/oss-security/2013/07/01/6 https://bugzilla.redhat.com/show_bug.cgi?id=980112 • CWE-399: Resource Management Errors •
CVE-2013-4296 – libvirt: invalid free in remoteDispatchDomainMemoryStats
https://notcve.org/view.php?id=CVE-2013-4296
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call. La funcion remoteDispatchDomainMemoryStats en daemon/remote.c de libvirt 0.9.1 hasta 0.10.1.x, 0.10.2.x anterior a 0.10.2.8, 1.0.x anterior a 1.0.5.6, y 1.1.x anterior 1.1.2 permite a usuarios remotos autenticados (deferencia y caida del proceso) a través de un llamada RPC manipulada • http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0 http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html http://rhn.redhat.com/errata/RHSA-2013-1272.html http://rhn.redhat.com/errata/RHSA-2013-1460.html http://secunia.com/advisories/60895 http://security.gentoo.org/glsa/glsa-201412-04.xml http://wiki.libvirt.org/page/Maintenance_Releases http://www.debian.org/security • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-5651
https://notcve.org/view.php?id=CVE-2013-5651
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune. La función virBitmapParse en util/virbitmap.c en libvirt anterior a v1.1.2 permite a atacantes dependientes del contexto provocar una denegación de servicio (lectura fuera de rango y caída) a través de un mapa de bits manipulado, como se demostró mediante un valor largo nodeset a numatune. • http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=47b9127e883677a0d60d767030a147450e919a25 http://libvirt.org/news.html http://lists.opensuse.org/opensuse-updates/2013-10/msg00024.html http://secunia.com/advisories/60895 http://security.gentoo.org/glsa/glsa-201412-04.xml http://www.openwall.com/lists/oss-security/2013/08/30/1 http://www.ubuntu.com/usn/USN-1954-1 https://bugzilla.redhat.com/show_bug.cgi?id=997367 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •