CVE-2013-6458

Priority
Medium
Description
Multiple race conditions in the (1) virDomainBlockStats, (2)
virDomainGetBlockInfo, (3) qemuDomainBlockJobImpl, and (4)
virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly
verify that the disk is attached, which allows remote read-only attackers
to cause a denial of service (libvirtd crash) via the
virDomainDetachDeviceFlags command.
References
Bugs
Notes
mdeslaur> code in lucid is different, looks ok
Assigned-to
mdeslaur
Package
Upstream: released (1.2.1)
Ubuntu 10.04 LTS (Lucid Lynx): not-affected
Ubuntu 12.04 LTS (Precise Pangolin): released (0.9.8-2ubuntu17.17)
Ubuntu 12.10 (Quantal Quetzal): released (0.9.13-0ubuntu12.6)
Ubuntu 13.10 (Saucy Salamander): released (1.1.1-0ubuntu8.5)
Ubuntu 14.04 LTS (Trusty Tahr): not-affected (1.2.1-0ubuntu2)
Patches:
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=b799259583bd65c0b2f5042e6c3ff19637ade881
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f93d2caa070f6197ab50d372d286018b0ba6bbd8
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=ff5f30b6bfa317f2a4c33f69289baf4e887eb048
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3b56425938e2f97208d5918263efa0d6439e4ecd
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=c430c002dd8287c5d7b834993ddfbd61435248c4 (0.9.12)
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=4dd29d3bdf4bf3a4c4b1077ddf4355bcf548ca2f (0.9.12)
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e7d9e54e9ce286fe1bee5d32089cd58d63e5cee (0.9.12)
Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2786686eb5855e0046817d47055cd784881ca8cb (0.9.12)
More Information

Updated: 2014-01-30 21:14:37 UTC (commit 7696)