CVE-2013-4153

Published: Sep 30, 2013Modified: Apr 29, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command.

Affected (2)

Products: Redhat: Libvirt

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Redhat Libvirt	Version 1.0.6
Redhat Libvirt	Version 1.1.0

Related CWEs

References (10)

http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=dfc692350a04a70b4ca65667c30869b3bfdaf034

Source: secalert@redhat.com

http://libvirt.org/news.html

Source: secalert@redhat.com

http://openwall.com/lists/oss-security/2013/07/19/11

Source: secalert@redhat.com

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=984821

Source: secalert@redhat.com

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=986383

Source: secalert@redhat.com

Patch

http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=dfc692350a04a70b4ca65667c30869b3bfdaf034

Source: af854a3a-2127-422b-91ae-364da2661108

http://libvirt.org/news.html

Source: af854a3a-2127-422b-91ae-364da2661108

http://openwall.com/lists/oss-security/2013/07/19/11

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

https://bugzilla.redhat.com/show_bug.cgi?id=984821

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=986383

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

Timeline

No history available yet.