Lucene search
RedhatCVE-2013-4297HistorySep 30, 2013 - 9:55 p.m.
CVE-2013-4297
2013-09-3021:55:09
CWE-119
redhat
web.nvd.nist.gov
39
cve-2013-4297
libvirt
denial of service
remote authenticated users
security vulnerability
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
7.7
Confidence
High
EPSS
0.004
Percentile
74.2%
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
Affected configurations
Node
redhatlibvirtRange≤1.1.2
ORredhatlibvirtMatch0.0.1
ORredhatlibvirtMatch0.0.2
ORredhatlibvirtMatch0.0.3
ORredhatlibvirtMatch0.0.4
ORredhatlibvirtMatch0.0.5
ORredhatlibvirtMatch0.0.6
ORredhatlibvirtMatch0.1.0
ORredhatlibvirtMatch0.1.1
ORredhatlibvirtMatch0.1.3
ORredhatlibvirtMatch0.1.4
ORredhatlibvirtMatch0.1.5
ORredhatlibvirtMatch0.1.6
ORredhatlibvirtMatch0.1.7
ORredhatlibvirtMatch0.1.8
ORredhatlibvirtMatch0.1.9
ORredhatlibvirtMatch0.2.0
ORredhatlibvirtMatch0.2.1
ORredhatlibvirtMatch0.2.2
ORredhatlibvirtMatch0.2.3
ORredhatlibvirtMatch0.3.0
ORredhatlibvirtMatch0.3.1
ORredhatlibvirtMatch0.3.2
ORredhatlibvirtMatch0.3.3
ORredhatlibvirtMatch0.4.0
ORredhatlibvirtMatch0.4.1
ORredhatlibvirtMatch0.4.2
ORredhatlibvirtMatch0.4.3
ORredhatlibvirtMatch0.4.4
ORredhatlibvirtMatch0.4.5
ORredhatlibvirtMatch0.4.6
ORredhatlibvirtMatch0.5.0
ORredhatlibvirtMatch0.5.1
ORredhatlibvirtMatch0.6.0
ORredhatlibvirtMatch0.6.1
ORredhatlibvirtMatch0.6.2
ORredhatlibvirtMatch0.6.3
ORredhatlibvirtMatch0.6.4
ORredhatlibvirtMatch0.6.5
ORredhatlibvirtMatch0.7.0
ORredhatlibvirtMatch0.7.1
ORredhatlibvirtMatch0.7.2
ORredhatlibvirtMatch0.7.3
ORredhatlibvirtMatch0.7.4
ORredhatlibvirtMatch0.7.5
ORredhatlibvirtMatch0.7.6
ORredhatlibvirtMatch0.7.7
ORredhatlibvirtMatch0.8.0
ORredhatlibvirtMatch0.8.1
ORredhatlibvirtMatch0.8.2
ORredhatlibvirtMatch0.8.3
ORredhatlibvirtMatch0.8.4
ORredhatlibvirtMatch0.8.5
ORredhatlibvirtMatch0.8.6
ORredhatlibvirtMatch0.8.7
ORredhatlibvirtMatch0.8.8
ORredhatlibvirtMatch0.9.0
ORredhatlibvirtMatch0.9.1
ORredhatlibvirtMatch0.9.2
ORredhatlibvirtMatch0.9.3
ORredhatlibvirtMatch0.9.4
ORredhatlibvirtMatch0.9.5
ORredhatlibvirtMatch0.9.6
ORredhatlibvirtMatch0.9.6.1
ORredhatlibvirtMatch0.9.6.2
ORredhatlibvirtMatch0.9.6.3
ORredhatlibvirtMatch0.9.7
ORredhatlibvirtMatch0.9.8
ORredhatlibvirtMatch0.9.9
ORredhatlibvirtMatch0.9.10
ORredhatlibvirtMatch0.9.11
ORredhatlibvirtMatch0.9.11.1
ORredhatlibvirtMatch0.9.11.2
ORredhatlibvirtMatch0.9.11.3
ORredhatlibvirtMatch0.9.11.4
ORredhatlibvirtMatch0.9.11.5
ORredhatlibvirtMatch0.9.11.6
ORredhatlibvirtMatch0.9.11.7
ORredhatlibvirtMatch0.9.11.8
ORredhatlibvirtMatch0.9.12
ORredhatlibvirtMatch0.9.13
ORredhatlibvirtMatch0.10.0
ORredhatlibvirtMatch0.10.1
ORredhatlibvirtMatch0.10.2
ORredhatlibvirtMatch0.10.2.1
ORredhatlibvirtMatch0.10.2.2
ORredhatlibvirtMatch1.0.0
ORredhatlibvirtMatch1.0.1
ORredhatlibvirtMatch1.0.2
ORredhatlibvirtMatch1.0.3
ORredhatlibvirtMatch1.0.4
ORredhatlibvirtMatch1.0.5
ORredhatlibvirtMatch1.0.6
ORredhatlibvirtMatch1.1.0
ORredhatlibvirtMatch1.1.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | libvirt | 0.0.1 | cpe:/a:redhat:libvirt:0.0.1::: |
| redhat | libvirt | 0.7.7 | cpe:/a:redhat:libvirt:0.7.7::: |
| redhat | libvirt | 0.9.11.8 | cpe:/a:redhat:libvirt:0.9.11.8::: |
| redhat | libvirt | 0.1.1 | cpe:/a:redhat:libvirt:0.1.1::: |
| redhat | libvirt | 0.1.7 | cpe:/a:redhat:libvirt:0.1.7::: |
| redhat | libvirt | 0.2.3 | cpe:/a:redhat:libvirt:0.2.3::: |
| redhat | libvirt | 0.3.3 | cpe:/a:redhat:libvirt:0.3.3::: |
| redhat | libvirt | 0.9.11.2 | cpe:/a:redhat:libvirt:0.9.11.2::: |
| redhat | libvirt | 0.10.2.2 | cpe:/a:redhat:libvirt:0.10.2.2::: |
| redhat | libvirt | 0.2.2 | cpe:/a:redhat:libvirt:0.2.2::: |
Related
cvelist
cvelist
CVE-2013-4297
2013-09-30 21:00:00
debiancve
debiancve
CVE-2013-4297
2013-09-30 21:55:09
prion
prion
Null pointer dereference
2013-09-30 21:55:00
nvd
nvd
CVE-2013-4297
2013-09-30 21:55:09
ubuntucve
ubuntucve
CVE-2013-4297
2013-09-30 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: libvirt-1.1.3-2.fc20
2013-10-12 04:34:13
nessus
nessus
Fedora 20 : libvirt-1.1.3-2.fc20 (2013-18455)
2013-10-13 00:00:00
GLSA-201412-04 : libvirt: Multiple vulnerabilities
2014-12-09 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.1.3-alt1
2013-10-01 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201412-04
2015-09-29 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
osv
osv
CVSS2
4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
AI Score
7.7
Confidence
High
EPSS
0.004
Percentile
74.2%
Related for CVE-2013-4297