CVE-2011-1486
Published: 31 May 2011
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.
Notes
| Author | Note |
|---|---|
| mdeslaur | RH apparently have a reproducer in private bug |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libvirt Launchpad, Ubuntu, Debian |
dapper |
Does not exist
|
| hardy |
Ignored
(end of life)
|
|
| lucid |
Released
(0.7.5-5ubuntu27.13)
|
|
| maverick |
Released
(0.8.3-1ubuntu18)
|
|
| natty |
Released
(0.8.8-1ubuntu6.2)
|
|
| upstream |
Released
(0.9.0)
|
|
|
Patches: upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=f44bfb7fb978c9313ce050a1c4149bf04aa0a670 vendor: https://rhn.redhat.com/errata/RHSA-2011-0479.html |
||