CVE-2014-8135

Published: 19 December 2014

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

Priority

Status

Package	Release	Status
libvirt Launchpad, Ubuntu, Debian	lucid	Not vulnerable (code not present)
	precise	Not vulnerable (code not present)
	trusty	Not vulnerable (code not present)
	upstream	Released (1.2.9-7,1.2.11)
	utopic	Ignored (end of life)
	vivid	Not vulnerable (1.2.12-0ubuntu14.2)
	Patches: upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=05ba8c50b15f7078ba7981f550fc59c3dc74c469

References

http://secunia.com/advisories/61111
http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984
http://security.libvirt.org/2014/0009.html
https://www.cve.org/CVERecord?id=CVE-2014-8135
NVD
Launchpad
Debian

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773855
https://bugzilla.redhat.com/show_bug.cgi?id=1087104

Join the discussion

Ubuntu security updates mailing list
Security announcements mailing list

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›