CVE-2013-6458

NONECVSS 0.0

0.0

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

🔗 References (22)

secalert@redhathttp://libvirt.org/news.html
secalert@redhathttp://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
secalert@redhathttp://lists.opensuse.org/opensuse-updates/2014-02/msg00062.html
secalert@redhathttp://rhn.redhat.com/errata/RHSA-2014-0103.html
secalert@redhathttp://secunia.com/advisories/56186
secalert@redhathttp://secunia.com/advisories/56446
secalert@redhathttp://secunia.com/advisories/60895
secalert@redhathttp://security.gentoo.org/glsa/glsa-201412-04.xml
secalert@redhathttp://www.debian.org/security/2014/dsa-2846
secalert@redhathttp://www.ubuntu.com/usn/USN-2093-1
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=1043069
af854a3a-2127-422b-91ae-364da2661108http://libvirt.org/news.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-02/msg00062.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2014-0103.html

Is Your Infrastructure Affected by CVE-2013-6458?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2013-6458

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2013-6458?