CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:N/A:P
EPSS
Percentile
89.6%
Integer overflow in libvirt before 0.9.3 allows remote authenticated users
to cause a denial of service (libvirtd crash) and possibly execute
arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers
memory corruption.
Author | Note |
---|---|
jdstrand | DoS is confirmed by a remote authenticated user 89d994ad6b0e8ebe9a2cd4e0e37119ff4c917550 (gnulib) may not actually be required to fix in stable releases. fixed in 0.8.3-5+squeeze2 |