[v2.7] libvirt: DoS (CVE-2013-6458 CVE-2014-1447)
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInfo, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command (CVE-2013-6458).
•CONFIRM: http://libvirt.org/news.html
•CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1043069
•DEBIAN:DSA-2846
•URL: http://www.debian.org/security/2014/dsa-2846
•SECUNIA:56186
•URL: http://secunia.com/advisories/56186
•SECUNIA:56446
•URL: http://secunia.com/advisories/56446
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent (CVE-2014-1447).
•CONFIRM: http://libvirt.org/news.html
•CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1047577
•DEBIAN:DSA-2846
•URL: http://www.debian.org/security/2014/dsa-2846
•SECUNIA:56321
•URL: http://secunia.com/advisories/56321
•SECUNIA:56446
•URL: http://secunia.com/advisories/56446
(from redmine: issue id 2637, created on 2014-02-04, closed on 2014-02-05)
- Relations:
- parent #2633 (closed)
- Changesets:
- Revision b5fc2777 on 2014-02-04T16:09:11Z:
main/libvirt: security fix (CVE-2013-6458 CVE-2014-1447)
Fixes #2637