CVE-2019-3840
MEDIUM6.3EPSS 0.71%Published: 3/27/2019Modified: 4/28/2026
Also known as:DEBIAN-CVE-2019-3840
Description
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
Affected packages (1)
- Debian/libvirtfrom 0, < 5.0.0-1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.3 | CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:N/A:H |