CVE-2013-6458
EPSS 0.89%libvirt - several
發布日:2014/1/24修改日:2026/4/28
描述
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
受影響套件(2)
- Debian/libvirtfrom 0, < 1.2.1-1
- Debian/libvirtfrom 0, < 0.9.12.3-1