CVE-2013-4296
Published: 17 September 2013
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.
Notes
| Author | Note |
|---|---|
| mdeslaur | introduced in 0.9.1 by 158ba8730e44b7dd07a21ab90499996c5dec080a |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libvirt Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
(code not present)
|
| precise |
Released
(0.9.8-2ubuntu17.13)
|
|
| quantal |
Released
(0.9.13-0ubuntu12.5)
|
|
| raring |
Released
(1.0.2-0ubuntu11.13.04.4)
|
|
| upstream |
Needs triage
|
|
|
Patches: upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=e7f400a110e2e3673b96518170bfea0855dd82c0 |
||