CVE-2013-4154
published 2013-09-30CVE-2013-4154: The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer…
medium4.3CVSS 3.1
AVNACMAuNCNINAP
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | libvirt | < libvirt 1.1.0-4 (bookworm) | libvirt 1.1.0-4 (bookworm) |
| redhat | libvirt | <= 1.1.0 | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | — | — |
| redhat | libvirt | >= 0 < 1.1.0-4 | 1.1.0-4 |
| redhat | libvirt | >= 0 < 1.1.0-4 | 1.1.0-4 |
| redhat | libvirt | >= 0 < 1.1.0-4 | 1.1.0-4 |
| redhat | libvirt | >= 0 < 1.1.0-4 | 1.1.0-4 |
CVSS provenance
nvd4.3MEDIUMAV:N/AC:M/Au:N/C:N/I:N/A:P
osv4.3MEDIUM