CVE-2013-7336

Severity Score

1.9

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.

La función qemuMigrationWaitForSpice en qemu/qemu_migration.c en libvirt anterior a 1.1.3 no entra debidamente en un monitor cuando realiza migración SPICE ininterrumpida, lo que permite a usuarios locales causar una denegación de servicio (referencia a puntero nulo y caída de libvirtd) al provocar que domblkstat sea llamado en el mismo momento que la función qemuMonitorGetSpiceMigrationStatus.

*Credits: N/A

CVSS Scores

NISTv2 1.9

Attack Vector

Local

Attack Complexity

Medium

Authentication

None

Confidentiality

None

Integrity

None

Availability

Partial

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2014-03-18 CVE Reserved
2014-05-07 CVE Published
2023-03-08 EPSS Updated
2024-08-06 CVE Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CAPEC

References (8)

URL	Tag	Source
http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=484cc321	X_refsource_confirm
http://libvirt.org/news.html	X_refsource_confirm
http://secunia.com/advisories/60895	Third Party Advisory
http://www.openwall.com/lists/oss-security/2014/03/18/1	Mailing List
https://bugzilla.redhat.com/show_bug.cgi?id=1077620	X_refsource_confirm

URL	Date	SRC

URL	Date	SRC
http://www.openwall.com/lists/oss-security/2014/03/18/3	2023-11-07

URL	Date	SRC
http://lists.opensuse.org/opensuse-updates/2014-05/msg00004.html	2023-11-07
http://security.gentoo.org/glsa/glsa-201412-04.xml	2023-11-07

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				<= 1.1.2 Search vendor "Redhat" for product "Libvirt" and version " <= 1.1.2"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.0 Search vendor "Redhat" for product "Libvirt" and version "1.0.0"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.1 Search vendor "Redhat" for product "Libvirt" and version "1.0.1"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.2 Search vendor "Redhat" for product "Libvirt" and version "1.0.2"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.3 Search vendor "Redhat" for product "Libvirt" and version "1.0.3"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.4 Search vendor "Redhat" for product "Libvirt" and version "1.0.4"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5 Search vendor "Redhat" for product "Libvirt" and version "1.0.5"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5.1 Search vendor "Redhat" for product "Libvirt" and version "1.0.5.1"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5.2 Search vendor "Redhat" for product "Libvirt" and version "1.0.5.2"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5.3 Search vendor "Redhat" for product "Libvirt" and version "1.0.5.3"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5.4 Search vendor "Redhat" for product "Libvirt" and version "1.0.5.4"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5.5 Search vendor "Redhat" for product "Libvirt" and version "1.0.5.5"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.5.6 Search vendor "Redhat" for product "Libvirt" and version "1.0.5.6"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.0.6 Search vendor "Redhat" for product "Libvirt" and version "1.0.6"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.1.0 Search vendor "Redhat" for product "Libvirt" and version "1.1.0"		-		Affected
Redhat Search vendor "Redhat"		Libvirt Search vendor "Redhat" for product "Libvirt"				1.1.1 Search vendor "Redhat" for product "Libvirt" and version "1.1.1"		-		Affected
Opensuse Search vendor "Opensuse"		Opensuse Search vendor "Opensuse" for product "Opensuse"				13.1 Search vendor "Opensuse" for product "Opensuse" and version "13.1"		-		Affected