Lucene search

K

RedhatCVELIST:CVE-2013-6457

HistoryJan 24, 2014 - 6:00 p.m.

CVE-2013-6457

2014-01-2418:00:00

redhat

www.cve.org

7

AI Score

8.2

Confidence

High

EPSS

0

Percentile

5.1%

The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command.

References

libvirt.org/news.html

lists.opensuse.org/opensuse-updates/2014-02/msg00060.html

secunia.com/advisories/60895

security.gentoo.org/glsa/glsa-201412-04.xml

www.ubuntu.com/usn/USN-2093-1

bugzilla.redhat.com/show_bug.cgi?id=1048629

www.redhat.com/archives/libvir-list/2013-December/msg01176.html

www.redhat.com/archives/libvir-list/2013-December/msg01258.html

AI Score

8.2

Confidence

High

EPSS

0

Percentile

5.1%

Related for CVELIST:CVE-2013-6457

debiancve1 prion1 ubuntucve1 veracode1 cve1 nvd1 nessus3 openvas3 ubuntu1 altlinux1 f52 gentoo1 osv16