CVE-2013-7336

by Fred · 07/05/2014

The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.

Date published : 2014-05-07

http://libvirt.org/git/?p=libvirt.git;a=commit;h=484cc321

http://libvirt.org/news.html

CVE-2013-7336

Similar

Recent Posts

Categories

CVE-2013-7336

Share this:

Similar

Recent Posts

Categories

Tags