CVE-2013-4399 — Redhat Libvirt vulnerability

8 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

0.7%

top 28.45%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Redhat Libvirt

Timeline

PublishedDec 12

Latest updateMay 17

Description

The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages2 packages

▶Debianredhat/libvirt< 1.1.4-1+3

▶NVDredhat/libvirt1.1.3+107

Patches

Patch: security.libvirt.org ↗Patch: security.libvirt.org ↗

🔴Vulnerability Details

GHSA

GHSA-hr87-j88c-crv5: The remoteClientFreeFunc function in daemon/remote↗2022-05-17

▶

OSV

CVE-2013-4399: The remoteClientFreeFunc function in daemon/remote↗2014-12-12

▶

CVEList

CVE-2013-4399: The remoteClientFreeFunc function in daemon/remote↗2014-12-12

▶

📋Vendor Advisories

Red Hat

libvirt: unprivileged user can crash libvirtd when ACLs are enabled↗2013-09-27

▶

Debian

CVE-2013-4399: libvirt - The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, wh...↗2013

▶

💬Community

Bugzilla

CVE-2013-4399 libvirt: unprivileged user can crash libvirtd when ACLs are enabled↗2013-10-03

▶

Bugzilla

CVE-2013-4399 libvirt: libvirtd will be crashed while destroy the guest which has been connected twice by virt-viewer and enable the access-driver in libvirtd.conf [rhel-7.0]↗2013-09-24

▶