CVE-2013-5651: The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and…

medium5CVSS 3.1

AVNACLAuNCNINAP

The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.

Affected

111 ranges· showing 25

Vendor	Product	Version range	Fixed in
debian	libvirt	< libvirt 1.1.2~rc1-1 (bookworm)	libvirt 1.1.2~rc1-1 (bookworm)
redhat	libvirt	<= 1.1.1	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—
redhat	libvirt	—	—

CVSS provenance

nvd5.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P

osv5.0MEDIUM