← Back

CVE-2013-7336

nvd nist
Published: May 7, 2014Modified: May 6, 2026

JSON object

Loading...
1.9
Vector
AV:L/AC:M/Au:N/C:N/I:N/A:P
Exploitability: 3.4 / Impact: 2.9
Source: NVD

Description

The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.

Affected (17)

Opensuse
1 product
Opensuse
Redhat
1 product
Libvirt
Configuration A
17 vulnerable
Vulnerable SoftwareAffected Versions
Opensuse
Version 13.1
Redhat
Libvirt
Up to 1.1.2
Libvirt
Version 1.0.0
Libvirt
Version 1.0.1
Libvirt
Version 1.0.2
Libvirt
Version 1.0.3
Libvirt
Version 1.0.4
Libvirt
Version 1.0.5.1
Libvirt
Version 1.0.5.2
Libvirt
Version 1.0.5.3
Libvirt
Version 1.0.5.4
Libvirt
Version 1.0.5.5
Libvirt
Version 1.0.5.6
Libvirt
Version 1.0.5
Libvirt
Version 1.0.6
Libvirt
Version 1.1.0
Libvirt
Version 1.1.1

References (16)

Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Patch
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.