Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2013-7336
HistoryMay 07, 2014 - 10:55 a.m.

CVE-2013-7336

2014-05-0710:55:03
[email protected]
web.nvd.nist.gov
31
cve-2013-7336
qemumigrationwaitforspice
libvirt
seamless spice migration
null pointer dereference
denial of service
nvd
security issue
domblkstat
qemumonitorgetspicemigrationstatus

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON

The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.

Affected configurations

NVD
Node
redhatlibvirtRange≀1.1.2
OR
redhatlibvirtMatch1.0.0
OR
redhatlibvirtMatch1.0.1
OR
redhatlibvirtMatch1.0.2
OR
redhatlibvirtMatch1.0.3
OR
redhatlibvirtMatch1.0.4
OR
redhatlibvirtMatch1.0.5
OR
redhatlibvirtMatch1.0.5.1
OR
redhatlibvirtMatch1.0.5.2
OR
redhatlibvirtMatch1.0.5.3
OR
redhatlibvirtMatch1.0.5.4
OR
redhatlibvirtMatch1.0.5.5
OR
redhatlibvirtMatch1.0.5.6
OR
redhatlibvirtMatch1.0.6
OR
redhatlibvirtMatch1.1.0
OR
redhatlibvirtMatch1.1.1
OR
opensuseopensuseMatch13.1

Related

prion 1
debiancve 1
cvelist 1
nvd 1
seebug 1
ubuntucve 1
veracode 1
securityvulns 3
openvas 3
nessus 3
ubuntu 1
gentoo 1
osv 15
prion
prion
Null pointer dereference
2014-05-07 10:55:00
debiancve
debiancve
CVE-2013-7336
2014-05-07 10:55:03
cvelist
cvelist
CVE-2013-7336
2014-05-07 10:00:00
nvd
nvd
CVE-2013-7336
2014-05-07 10:55:03
seebug
seebug
libvirtζ‹’η»ζœεŠ‘ζΌζ΄ž(CVE-2013-7336)
2014-03-21 00:00:00
ubuntucve
ubuntucve
CVE-2013-7336
2014-05-07 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-01-15 08:52:13
securityvulns
securityvulns
[USN-2209-1] libvirt vulnerabilities
2014-05-07 00:00:00
libvirt security vulnerabilities
2014-05-07 00:00:00
QEMU multiple security vulnerabilities
2014-05-15 00:00:00
openvas
openvas
Ubuntu Update for libvirt USN-2209-1
2014-05-12 00:00:00
Ubuntu: Security Advisory (USN-2209-1)
2014-05-12 00:00:00
Gentoo Security Advisory GLSA 201412-04
2015-09-29 00:00:00
nessus
nessus
openSUSE Security Update : libvirt (openSUSE-SU-2014:0593-1)
2014-06-13 00:00:00
Ubuntu 13.10 : libvirt vulnerabilities (USN-2209-1)
2014-05-09 00:00:00
GLSA-201412-04 : libvirt: Multiple vulnerabilities
2014-12-09 00:00:00
ubuntu
ubuntu
libvirt vulnerabilities
2014-05-07 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
osv
osv
CVE-2021-3667
2022-03-02 23:15:08
CVE-2021-3559
2021-05-24 12:15:07
CVE-2016-10746
2019-04-18 16:29:00

1.9 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:N/I:N/A:P

7.7 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CVE-2013-7336
prion1debiancve1cvelist1nvd1seebug1ubuntucve1veracode1securityvulns3openvas3nessus3ubuntu1gentoo1osv15