Oval Definition:oval:com.ubuntu.precise:def:20136458000
Revision Date:2014-01-24Version:1
Title:CVE-2013-6458 on Ubuntu 12.04 LTS (precise) - medium.
Description:Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2013-6458
Platform(s):Ubuntu 12.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 12.04 LTS (precise) is installed.
  • AND The 'libvirt' package in precise was vulnerable but has been fixed (note: '0.9.8-2ubuntu17.17').
    • BACK