Lucene search
RedhatCVE-2013-4399HistoryDec 12, 2014 - 3:59 p.m.
CVE-2013-4399
2014-12-1215:59:00
redhat
web.nvd.nist.gov
38
cve-2013-4399
libvirt
remoteclientfreefunc
daemon
acls
denial of service
use-after-free
crash
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
8
Confidence
High
EPSS
0.011
Percentile
84.3%
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.
Affected configurations
Node
redhatlibvirtRange≤1.1.3
ORredhatlibvirtMatch0.0.1
ORredhatlibvirtMatch0.0.2
ORredhatlibvirtMatch0.0.3
ORredhatlibvirtMatch0.0.4
ORredhatlibvirtMatch0.0.5
ORredhatlibvirtMatch0.0.6
ORredhatlibvirtMatch0.1.0
ORredhatlibvirtMatch0.1.1
ORredhatlibvirtMatch0.1.3
ORredhatlibvirtMatch0.1.4
ORredhatlibvirtMatch0.1.5
ORredhatlibvirtMatch0.1.6
ORredhatlibvirtMatch0.1.7
ORredhatlibvirtMatch0.1.8
ORredhatlibvirtMatch0.1.9
ORredhatlibvirtMatch0.2.0
ORredhatlibvirtMatch0.2.1
ORredhatlibvirtMatch0.2.2
ORredhatlibvirtMatch0.2.3
ORredhatlibvirtMatch0.3.0
ORredhatlibvirtMatch0.3.1
ORredhatlibvirtMatch0.3.2
ORredhatlibvirtMatch0.3.3
ORredhatlibvirtMatch0.4.0
ORredhatlibvirtMatch0.4.1
ORredhatlibvirtMatch0.4.2
ORredhatlibvirtMatch0.4.3
ORredhatlibvirtMatch0.4.4
ORredhatlibvirtMatch0.4.5
ORredhatlibvirtMatch0.4.6
ORredhatlibvirtMatch0.5.0
ORredhatlibvirtMatch0.5.1
ORredhatlibvirtMatch0.6.0
ORredhatlibvirtMatch0.6.1
ORredhatlibvirtMatch0.6.2
ORredhatlibvirtMatch0.6.3
ORredhatlibvirtMatch0.6.4
ORredhatlibvirtMatch0.6.5
ORredhatlibvirtMatch0.7.0
ORredhatlibvirtMatch0.7.1
ORredhatlibvirtMatch0.7.2
ORredhatlibvirtMatch0.7.3
ORredhatlibvirtMatch0.7.4
ORredhatlibvirtMatch0.7.5
ORredhatlibvirtMatch0.7.6
ORredhatlibvirtMatch0.7.7
ORredhatlibvirtMatch0.8.0
ORredhatlibvirtMatch0.8.1
ORredhatlibvirtMatch0.8.2
ORredhatlibvirtMatch0.8.3
ORredhatlibvirtMatch0.8.4
ORredhatlibvirtMatch0.8.5
ORredhatlibvirtMatch0.8.6
ORredhatlibvirtMatch0.8.7
ORredhatlibvirtMatch0.8.8
ORredhatlibvirtMatch0.9.0
ORredhatlibvirtMatch0.9.1
ORredhatlibvirtMatch0.9.2
ORredhatlibvirtMatch0.9.3
ORredhatlibvirtMatch0.9.4
ORredhatlibvirtMatch0.9.5
ORredhatlibvirtMatch0.9.6
ORredhatlibvirtMatch0.9.6.1
ORredhatlibvirtMatch0.9.6.2
ORredhatlibvirtMatch0.9.6.3
ORredhatlibvirtMatch0.9.7
ORredhatlibvirtMatch0.9.8
ORredhatlibvirtMatch0.9.9
ORredhatlibvirtMatch0.9.10
ORredhatlibvirtMatch0.9.11
ORredhatlibvirtMatch0.9.11.1
ORredhatlibvirtMatch0.9.11.2
ORredhatlibvirtMatch0.9.11.3
ORredhatlibvirtMatch0.9.11.4
ORredhatlibvirtMatch0.9.11.5
ORredhatlibvirtMatch0.9.11.6
ORredhatlibvirtMatch0.9.11.7
ORredhatlibvirtMatch0.9.11.8
ORredhatlibvirtMatch0.9.12
ORredhatlibvirtMatch0.9.13
ORredhatlibvirtMatch0.10.0
ORredhatlibvirtMatch0.10.1
ORredhatlibvirtMatch0.10.2
ORredhatlibvirtMatch0.10.2.1
ORredhatlibvirtMatch0.10.2.2
ORredhatlibvirtMatch0.10.2.3
ORredhatlibvirtMatch0.10.2.4
ORredhatlibvirtMatch0.10.2.5
ORredhatlibvirtMatch0.10.2.6
ORredhatlibvirtMatch0.10.2.7
ORredhatlibvirtMatch0.10.2.8
ORredhatlibvirtMatch1.0.0
ORredhatlibvirtMatch1.0.1
ORredhatlibvirtMatch1.0.2
ORredhatlibvirtMatch1.0.3
ORredhatlibvirtMatch1.0.4
ORredhatlibvirtMatch1.0.5
ORredhatlibvirtMatch1.0.5.1
ORredhatlibvirtMatch1.0.5.2
ORredhatlibvirtMatch1.0.5.3
ORredhatlibvirtMatch1.0.5.4
ORredhatlibvirtMatch1.0.5.5
ORredhatlibvirtMatch1.0.5.6
ORredhatlibvirtMatch1.0.6
ORredhatlibvirtMatch1.1.0
ORredhatlibvirtMatch1.1.1
ORredhatlibvirtMatch1.1.2
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | libvirt | * | cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.1 | cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.2 | cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.3 | cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.4 | cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.5 | cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.6 | cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.0 | cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.1 | cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.3 | cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:* |
Related
veracode
veracode
Denial Of Service (DoS)
2018-08-15 03:47:57
nvd
nvd
CVE-2013-4399
2014-12-12 15:59:00
debiancve
debiancve
CVE-2013-4399
2014-12-12 15:59:00
cvelist
cvelist
CVE-2013-4399
2014-12-12 15:00:00
ubuntucve
ubuntucve
CVE-2013-4399
2014-12-12 00:00:00
prion
prion
Design/Logic Flaw
2014-12-12 15:59:00
f5
f5
SOL16117 - Multiple libvirt vulnerabilities
2015-02-12 00:00:00
K16117 : Multiple libvirt vulnerabilities
2015-02-12 00:00:00
nessus
nessus
GLSA-201412-04 : libvirt: Multiple vulnerabilities
2014-12-09 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 201412-04
2015-09-29 00:00:00
osv
osv
libvirt-2.5.0-1.1 on GA media
2024-06-15 00:00:00
CVE-2021-3667
2022-03-02 23:15:08
CVE-2021-3559
2021-05-24 12:15:07
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
AI Score
8
Confidence
High
EPSS
0.011
Percentile
84.3%
Related for CVE-2013-4399