CVE-2013-2218
published 2013-09-30CVE-2013-2218: Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a…
medium5CVSS 3.1
AVNACLAuNCNINAP
EXPLOIT
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libvirt | < libvirt 1.1.0-1 (bookworm) | libvirt 1.1.0-1 (bookworm) |
| redhat | libvirt | — | — |
| redhat | libvirt | >= 0 < 1.1.0-1 | 1.1.0-1 |
| redhat | libvirt | >= 0 < 1.1.0-1 | 1.1.0-1 |
| redhat | libvirt | >= 0 < 1.1.0-1 | 1.1.0-1 |
| redhat | libvirt | >= 0 < 1.1.0-1 | 1.1.0-1 |
CVSS provenance
nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv5.0MEDIUM