PublicDateAtUSN: 2014-01-24
Candidate: CVE-2013-6458
PublicDate: 2014-01-24 18:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6458
 https://ubuntu.com/security/notices/USN-2093-1
Description:
 Multiple race conditions in the (1) virDomainBlockStats, (2)
 virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4)
 virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly
 verify that the disk is attached, which allows remote read-only attackers
 to cause a denial of service (libvirtd crash) via the
 virDomainDetachDeviceFlags command.
Ubuntu-Description:
Notes:
 mdeslaur> code in lucid is different, looks ok
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-6458
 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=734556
Priority: medium
Discovered-by:
Assigned-to: mdeslaur
CVSS: 

Patches_libvirt:
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=b799259583bd65c0b2f5042e6c3ff19637ade881
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f93d2caa070f6197ab50d372d286018b0ba6bbd8
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=ff5f30b6bfa317f2a4c33f69289baf4e887eb048
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3b56425938e2f97208d5918263efa0d6439e4ecd
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=c430c002dd8287c5d7b834993ddfbd61435248c4 (0.9.12)
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=4dd29d3bdf4bf3a4c4b1077ddf4355bcf548ca2f (0.9.12)
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e7d9e54e9ce286fe1bee5d32089cd58d63e5cee (0.9.12)
 upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2786686eb5855e0046817d47055cd784881ca8cb (0.9.12)
upstream_libvirt: released (1.2.1)
lucid_libvirt: not-affected
precise_libvirt: released (0.9.8-2ubuntu17.17)
quantal_libvirt: released (0.9.13-0ubuntu12.6)
raring_libvirt: ignored (reached end-of-life)
saucy_libvirt: released (1.1.1-0ubuntu8.5)
devel_libvirt: not-affected (1.2.1-0ubuntu2)