CVE-2013-2218

Published: Sep 30, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command.

Affected (1)

Products: Redhat: Libvirt

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Redhat Libvirt	Version 1.0.6

Related CWEs

References (8)

http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=244e0b8cf15ca2ef48d82058e728656e6c4bad11

Source: secalert@redhat.com

http://libvirt.org/news.html

Source: secalert@redhat.com

http://www.openwall.com/lists/oss-security/2013/07/01/6

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=980112

Source: secalert@redhat.com

Exploit

http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=244e0b8cf15ca2ef48d82058e728656e6c4bad11

Source: af854a3a-2127-422b-91ae-364da2661108

http://libvirt.org/news.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2013/07/01/6

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=980112

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

Timeline

No history available yet.