CVE-2013-2230 — Improper Input Validation in Redhat Libvirt

CWE-20 — Improper Input Validation8 documents7 sources

Severity

4.0MEDIUMNVD

EPSS

0.6%

top 31.07%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Libvirt

Timeline

PublishedSep 30

Latest updateMay 17

Description

The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration."

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages2 packages

▶Debianredhat/libvirt< 1.1.0-3+3

▶NVDredhat/libvirt1.1.0+92

Patches

Patch: www.openwall.com ↗Patch: bugzilla.redhat.com ↗Patch: www.openwall.com ↗

🔴Vulnerability Details

GHSA

GHSA-m9x7-c3r4-7hgh: The qemu driver (qemu/qemu_driver↗2022-05-17

▶

CVEList

CVE-2013-2230: The qemu driver (qemu/qemu_driver↗2013-09-30

▶

OSV

CVE-2013-2230: The qemu driver (qemu/qemu_driver↗2013-09-30

▶

📋Vendor Advisories

Red Hat

libvirt: multiple registered events crash↗2013-07-10

▶

Debian

CVE-2013-2230: libvirt - The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authe...↗2013

▶

💬Community

Bugzilla

libvirt: CVE-2013-2230 libvirt: multiple registered events crash [fedora-all]↗2013-07-10

▶

Bugzilla

CVE-2013-2230 libvirt: multiple registered events crash↗2013-07-04

▶