CVE-2014-3672

CWE-400Uncontrolled Resource Consumption9 documents7 sources
Severity
6.5MEDIUM
EPSS
0.1%
top 81.26%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Redhat Libvirt
Timeline
PublishedMay 25
Latest updateMay 17

Description

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:HExploitability: 2.0 | Impact: 4.0

Affected Packages2 packages

NVDredhat/libvirt1.2.21
Debianxen< 4.4.0-1+3

🔴Vulnerability Details

3
GHSA
GHSA-8x7q-84h6-3fhq: The qemu implementation in libvirt before 12022-05-17
CVEList
CVE-2014-3672: The qemu implementation in libvirt before 12016-05-25
OSV
CVE-2014-3672: The qemu implementation in libvirt before 12016-05-25

📋Vendor Advisories

2
Red Hat
xen: Unrestricted qemu logging2016-05-23
Debian
CVE-2014-3672: xen - The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS us...2014

💬Community

3
Bugzilla
CVE-2014-3672 xen: Unrestricted qemu logging2016-05-24
Bugzilla
CVE-2014-3672 xen: Unrestricted qemu logging [fedora-all]2016-05-24
Bugzilla
CVE-2014-3672 qemu: xen: Unrestricted qemu logging [fedora-all]2016-05-24
CVE-2014-3672 (MEDIUM CVSS 6.5) | The qemu implementation in libvirt | cvebase.io