CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
EPSS
Percentile
5.1%
The libxlDomainGetNumaParameters function in the libxl driver
(libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize
the nodemap, which allows local users to cause a denial of service (invalid
free operation and crash) or possibly execute arbitrary code via an
inactive domain to the virsh numatune command.
security.libvirt.org/2013/0019.html
launchpad.net/bugs/cve/CVE-2013-6457
nvd.nist.gov/vuln/detail/CVE-2013-6457
security-tracker.debian.org/tracker/CVE-2013-6457
ubuntu.com/security/notices/USN-2093-1
www.cve.org/CVERecord?id=CVE-2013-6457
www.redhat.com/archives/libvir-list/2013-December/msg01176.html
www.redhat.com/archives/libvir-list/2013-December/msg01258.html