Vulnerability in Opensuse
CVE-2013-7336
The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer derefer…
EPSS: 0.001 (21.1th percentile) — read the EPSS interpretation.
Affected products
- Opensuse — versions 13.1
- Redhat Libvirt — versions 1.0.0, 1.0.1, 1.0.2
- N/a — versions n/a
References
- cve@mitre.org (x_refsource_CONFIRM)
- 60895 (x_refsource_SECUNIA, third-party-advisory)
- GLSA-201412-04 (vendor-advisory, x_refsource_GENTOO)
- cve@mitre.org (x_refsource_CONFIRM)
- openSUSE-SU-2014:0593 (vendor-advisory, x_refsource_SUSE)
- [oss-security] 20140318 CVE request -- libvirt: unprivileged user can crash libvirtd during spice migration (mailing-list, x_refsource_MLIST)
- [oss-security] 20140318 Re: CVE request -- libvirt: unprivileged user can crash libvirtd during spice migration (mailing-list, x_refsource_MLIST, Patch)
- cve@mitre.org (x_refsource_CONFIRM)