Lucene search
HistoryJan 24, 2014 - 6:55 p.m.
CVE-2014-1447
CVSS2
3.3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.6
Confidence
High
EPSS
0.021
Percentile
89.1%
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.
Affected configurations
Node
redhatlibvirtRange≤1.2.0
ORredhatlibvirtMatch0.0.1
ORredhatlibvirtMatch0.0.2
ORredhatlibvirtMatch0.0.3
ORredhatlibvirtMatch0.0.4
ORredhatlibvirtMatch0.0.5
ORredhatlibvirtMatch0.0.6
ORredhatlibvirtMatch0.1.0
ORredhatlibvirtMatch0.1.1
ORredhatlibvirtMatch0.1.3
ORredhatlibvirtMatch0.1.4
ORredhatlibvirtMatch0.1.5
ORredhatlibvirtMatch0.1.6
ORredhatlibvirtMatch0.1.7
ORredhatlibvirtMatch0.1.8
ORredhatlibvirtMatch0.1.9
ORredhatlibvirtMatch0.2.0
ORredhatlibvirtMatch0.2.1
ORredhatlibvirtMatch0.2.2
ORredhatlibvirtMatch0.2.3
ORredhatlibvirtMatch0.3.0
ORredhatlibvirtMatch0.3.1
ORredhatlibvirtMatch0.3.2
ORredhatlibvirtMatch0.3.3
ORredhatlibvirtMatch0.4.0
ORredhatlibvirtMatch0.4.1
ORredhatlibvirtMatch0.4.2
ORredhatlibvirtMatch0.4.3
ORredhatlibvirtMatch0.4.4
ORredhatlibvirtMatch0.4.5
ORredhatlibvirtMatch0.4.6
ORredhatlibvirtMatch0.5.0
ORredhatlibvirtMatch0.5.1
ORredhatlibvirtMatch0.6.0
ORredhatlibvirtMatch0.6.1
ORredhatlibvirtMatch0.6.2
ORredhatlibvirtMatch0.6.3
ORredhatlibvirtMatch0.6.4
ORredhatlibvirtMatch0.6.5
ORredhatlibvirtMatch0.7.0
ORredhatlibvirtMatch0.7.1
ORredhatlibvirtMatch0.7.2
ORredhatlibvirtMatch0.7.3
ORredhatlibvirtMatch0.7.4
ORredhatlibvirtMatch0.7.5
ORredhatlibvirtMatch0.7.6
ORredhatlibvirtMatch0.7.7
ORredhatlibvirtMatch0.8.0
ORredhatlibvirtMatch0.8.1
ORredhatlibvirtMatch0.8.2
ORredhatlibvirtMatch0.8.3
ORredhatlibvirtMatch0.8.4
ORredhatlibvirtMatch0.8.5
ORredhatlibvirtMatch0.8.6
ORredhatlibvirtMatch0.8.7
ORredhatlibvirtMatch0.8.8
ORredhatlibvirtMatch0.9.0
ORredhatlibvirtMatch0.9.1
ORredhatlibvirtMatch0.9.2
ORredhatlibvirtMatch0.9.3
ORredhatlibvirtMatch0.9.4
ORredhatlibvirtMatch0.9.5
ORredhatlibvirtMatch0.9.6
ORredhatlibvirtMatch0.9.6.1
ORredhatlibvirtMatch0.9.6.2
ORredhatlibvirtMatch0.9.6.3
ORredhatlibvirtMatch0.9.7
ORredhatlibvirtMatch0.9.8
ORredhatlibvirtMatch0.9.9
ORredhatlibvirtMatch0.9.10
ORredhatlibvirtMatch0.9.11
ORredhatlibvirtMatch0.9.11.1
ORredhatlibvirtMatch0.9.11.2
ORredhatlibvirtMatch0.9.11.3
ORredhatlibvirtMatch0.9.11.4
ORredhatlibvirtMatch0.9.11.5
ORredhatlibvirtMatch0.9.11.6
ORredhatlibvirtMatch0.9.11.7
ORredhatlibvirtMatch0.9.11.8
ORredhatlibvirtMatch0.9.12
ORredhatlibvirtMatch0.9.13
ORredhatlibvirtMatch0.10.0
ORredhatlibvirtMatch0.10.1
ORredhatlibvirtMatch0.10.2
ORredhatlibvirtMatch0.10.2.1
ORredhatlibvirtMatch0.10.2.2
ORredhatlibvirtMatch0.10.2.3
ORredhatlibvirtMatch0.10.2.4
ORredhatlibvirtMatch0.10.2.5
ORredhatlibvirtMatch0.10.2.6
ORredhatlibvirtMatch0.10.2.7
ORredhatlibvirtMatch0.10.2.8
ORredhatlibvirtMatch1.0.0
ORredhatlibvirtMatch1.0.1
ORredhatlibvirtMatch1.0.2
ORredhatlibvirtMatch1.0.3
ORredhatlibvirtMatch1.0.4
ORredhatlibvirtMatch1.0.5
ORredhatlibvirtMatch1.0.5.1
ORredhatlibvirtMatch1.0.5.2
ORredhatlibvirtMatch1.0.5.3
ORredhatlibvirtMatch1.0.5.4
ORredhatlibvirtMatch1.0.5.5
ORredhatlibvirtMatch1.0.5.6
ORredhatlibvirtMatch1.0.6
ORredhatlibvirtMatch1.1.0
ORredhatlibvirtMatch1.1.1
ORredhatlibvirtMatch1.1.2
ORredhatlibvirtMatch1.1.3
ORredhatlibvirtMatch1.1.4
| Vendor | Product | Version | CPE |
|---|---|---|---|
| redhat | libvirt | * | cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.1 | cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.2 | cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.3 | cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.4 | cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.5 | cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:* |
| redhat | libvirt | 0.0.6 | cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.0 | cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.1 | cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:* |
| redhat | libvirt | 0.1.3 | cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:* |
References
libvirt.org/news.html
lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
lists.opensuse.org/opensuse-updates/2014-02/msg00062.html
rhn.redhat.com/errata/RHSA-2014-0103.html
secunia.com/advisories/56321
secunia.com/advisories/56446
secunia.com/advisories/60895
security.gentoo.org/glsa/glsa-201412-04.xml
www.debian.org/security/2014/dsa-2846
www.securitytracker.com/id/1029695
www.ubuntu.com/usn/USN-2093-1
bugzilla.redhat.com/show_bug.cgi?id=1047577
Related
veracode
veracode
Denial Of Service (DoS)
2018-08-14 04:05:13
cvelist
cvelist
CVE-2014-1447
2014-01-24 18:00:00
debiancve
debiancve
CVE-2014-1447
2014-01-24 18:55:04
cve
cve
CVE-2014-1447
2014-01-24 18:55:04
CVE-2014-1448
2014-01-15 16:13:04
ubuntucve
ubuntucve
CVE-2014-1447
2014-01-24 00:00:00
prion
prion
Race condition
2014-01-24 18:55:00
Information disclosure
2014-01-15 16:13:00
openvas
openvas
RedHat Update for libvirt RHSA-2014:0103-01
2014-01-30 00:00:00
CentOS Update for libvirt CESA-2014:0103 centos6
2014-01-30 00:00:00
Debian: Security Advisory (DSA-2846-1)
2014-01-16 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 2846-1] libvirt security update
2014-01-29 00:00:00
libvirt security vulnerabilities
2014-01-29 00:00:00
nessus
nessus
RHEL 6 : libvirt (RHSA-2014:0103)
2014-01-29 00:00:00
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20140128)
2014-01-29 00:00:00
openSUSE Security Update : libvirt (openSUSE-SU-2014:0270-1)
2014-06-13 00:00:00
centos
centos
libvirt security update
2014-01-29 14:05:41
mageia
mageia
Updated libvirt packages fix two vulnerabilties
2014-02-12 02:06:14
oraclelinux
oraclelinux
libvirt security and bug fix update
2014-01-28 00:00:00
debian
debian
[SECURITY] [DSA 2846-1] libvirt security update
2014-01-17 19:25:28
osv
osv
libvirt - several
2014-01-17 00:00:00
libvirt-2.5.0-1.1 on GA media
2024-06-15 00:00:00
CVE-2021-3667
2022-03-02 23:15:08
redhat
redhat
(RHSA-2014:0103) Moderate: libvirt security and bug fix update
2014-01-28 00:00:00
nvd
nvd
CVE-2014-1448
2014-01-15 16:13:04
fedora
fedora
[SECURITY] Fedora 20 Update: libvirt-1.1.3.3-1.fc20
2014-01-21 05:56:08
[SECURITY] Fedora 19 Update: libvirt-1.0.5.9-1.fc19
2014-01-26 11:54:32
ubuntu
ubuntu
libvirt vulnerabilities
2014-01-30 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.2.2-alt1
2014-03-05 00:00:00
gentoo
gentoo
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00
CVSS2
3.3
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:A/AC:L/Au:N/C:N/I:N/A:P
AI Score
7.6
Confidence
High
EPSS
0.021
Percentile
89.1%
Related for NVD:CVE-2014-1447