The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.
Max CVSS
5.0
EPSS Score
1.12%
Published
2013-09-30
Updated
2015-01-03
The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.
Max CVSS
4.0
EPSS Score
0.42%
Published
2013-09-30
Updated
2023-02-13
The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.
Max CVSS
4.0
EPSS Score
1.03%
Published
2013-09-30
Updated
2023-02-13
The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.
Max CVSS
4.0
EPSS Score
0.39%
Published
2013-09-30
Updated
2023-02-13
4 vulnerabilities found