CVE-2013-6458

Published: 24 January 2014

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

Notes

Author	Note
mdeslaur	code in lucid is different, looks ok

Priority

Status

Package	Release	Status
libvirt Launchpad, Ubuntu, Debian	lucid	Not vulnerable
	precise	Released (0.9.8-2ubuntu17.17)
	quantal	Released (0.9.13-0ubuntu12.6)
	raring	Ignored (end of life)
	saucy	Released (1.1.1-0ubuntu8.5)
	upstream	Released (1.2.1)
	Patches: upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=b799259583bd65c0b2f5042e6c3ff19637ade881 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f93d2caa070f6197ab50d372d286018b0ba6bbd8 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=ff5f30b6bfa317f2a4c33f69289baf4e887eb048 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3b56425938e2f97208d5918263efa0d6439e4ecd upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=c430c002dd8287c5d7b834993ddfbd61435248c4 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=4dd29d3bdf4bf3a4c4b1077ddf4355bcf548ca2f upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e7d9e54e9ce286fe1bee5d32089cd58d63e5cee upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2786686eb5855e0046817d47055cd784881ca8cb

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›