Vulnerability in Redhat Libvirt
CVE-2013-4399
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free a…
EPSS: 0.007 (72.6th percentile) — read the EPSS interpretation.
Affected products
- Redhat Libvirt — versions 0.0.1, 0.0.2, 0.0.3
- N/a — versions n/a
References
- 60895 (x_refsource_SECUNIA, third-party-advisory)
- GLSA-201412-04 (vendor-advisory, x_refsource_GENTOO)
- secalert@redhat.com (x_refsource_CONFIRM)
- 62972 (vdb-entry, x_refsource_BID)
- secalert@redhat.com (x_refsource_CONFIRM, Patch, Vendor Advisory)