Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2013-5651

Published: 30 August 2013

The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.

Notes

AuthorNote
jdstrand 
Ubuntu 12.10 and lower are not affected

Priority

Medium

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian 		lucid Not vulnerable
(code not present)
precise Not vulnerable
(code not present)
quantal Not vulnerable
(code not present)
raring
Released (1.0.2-0ubuntu11.13.04.4)
upstream
Released (1.1.2~rc1-1)
Patches:
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=47b9127e883677a0d60d767030a147450e919a25
upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=106a2ddaa7b5ef7d69242333e48d77fda0b7ccf3

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading