CVE-2014-1447
libvirt: denial of service with keepalive
Severity Score
Exploit Likelihood
Affected Versions
110Public Exploits
1Exploited in Wild
-Decision
Descriptions
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.
Condición de carrera en la función virNetServerClientStartKeepAlive en libvirt anteriores a 1.2.1 permite a atacantes remotos causar denegación de servicio (caída de libvirtd) mediante el cierre de conexiones antes de que una respuesta keepalive sea enviada.
Martin Kletzander discovered that libvirt incorrectly handled reading memory tunables from LXC guests. A local user could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service. This issue only affected Ubuntu 13.10. Dario Faggioli discovered that libvirt incorrectly handled the libxl driver. A local user could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 13.10. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2014-01-14 CVE Reserved
- 2014-01-18 CVE Published
- 2015-02-22 First Exploit
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CAPEC
References (15)
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://lists.opensuse.org/opensuse-updates/2014-02/msg0006... | 2015-01-03 | |
| http://lists.opensuse.org/opensuse-updates/2014-02/msg0006... | 2015-01-03 | |
| http://rhn.redhat.com/errata/RHSA-2014-0103.html | 2015-01-03 | |
| http://security.gentoo.org/glsa/glsa-201412-04.xml | 2015-01-03 | |
| http://www.debian.org/security/2014/dsa-2846 | 2015-01-03 | |
| http://www.ubuntu.com/usn/USN-2093-1 | 2015-01-03 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1047577 | 2015-01-03 | |
| https://access.redhat.com/security/cve/CVE-2014-1447 | 2014-01-28 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1052957 | 2014-01-28 |