CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS
Percentile
96.3%
Double free vulnerability in the virConnectListAllInterfaces method in
interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote
attackers to cause a denial of service (libvirtd crash) via a filtering
flag that causes an interface to be skipped, as demonstrated by the “virsh
iface-list --inactive” command.
Author | Note |
---|---|
mdeslaur | introduced in: http://libvirt.org/git/?p=libvirt.git;a=commit;h=7ac2c4fe624f30f2c8270116513fa2ddab07631f |