CVE-2013-5651: Improper Restriction of Operations within the Bounds of a Memory Buffer in Redhat Libvirt

Severity: 5.0 MEDIUM (NVD)
EPSS: 0.6% (top 29.43%)
CISA KEV: Not in KEV
Exploit: No known exploits

Timeline
Published: Sep 30
Latest update: May 17

Description

The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.

CVSS vector

AV:N/AC:L/C:N/I:N/A:P
Exploitability: 10.0 | Impact: 2.9

Affected Packages (2 packages)

Debian: redhat/libvirt < 1.1.2~rc1-1+3
NVD: redhat/libvirt 1.1.1+105

Patches

🔴 Vulnerability Details (3)

GHSA
GHSA-h748-q5cc-5mv7: The virBitmapParse function in util/virbitmap (2022-05-17)
OSV
CVE-2013-5651: The virBitmapParse function in util/virbitmap (2013-09-30)
CVEList
CVE-2013-5651: The virBitmapParse function in util/virbitmap (2013-09-30)

📋 Vendor Advisories (3)

Ubuntu
libvirt vulnerabilities (2013-09-18)
Red Hat
libvirt: virBitmapParse out-of-bounds read access (2013-08-29)
Debian
CVE-2013-5651: libvirt - The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows c... (2013)

💬 Community (2)

Bugzilla
CVE-2013-4297 CVE-2013-4291 CVE-2013-5651 libvirt: various flaws [fedora-all] (2013-09-10)
Bugzilla
CVE-2013-5651 libvirt: virBitmapParse out-of-bounds read access (2013-09-10)
CVE-2013-5651 — Redhat Libvirt vulnerability | cvebase