Vulnerabilities

CVE-2012-3445

by Fred · 07/08/2012

The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.

Date published : 2012-08-07

http://www.securityfocus.com/bid/54748

https://bugzilla.redhat.com/show_bug.cgi?id=844734

Similar

Tags: Cybersecurity Alert