Published: 10/08/2011 Updated: 13/02/2023

CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8

VMScore: 356

Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P

Integer overflow in libvirt prior to 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat libvirt 0.4.1
redhat libvirt 0.8.6
redhat libvirt 0.4.5
redhat libvirt 0.7.5
redhat libvirt 0.0.6
redhat libvirt 0.5.0
redhat libvirt 0.7.2
redhat libvirt 0.1.1
redhat libvirt 0.0.3
redhat libvirt 0.1.7
redhat libvirt 0.0.1
redhat libvirt 0.2.0
redhat libvirt 0.7.4
redhat libvirt 0.4.4
redhat libvirt 0.3.3
redhat libvirt 0.0.2
redhat libvirt 0.1.8
redhat libvirt 0.3.0
redhat libvirt 0.1.3
redhat libvirt 0.1.9
redhat libvirt 0.4.2
redhat libvirt 0.8.5
redhat libvirt 0.8.7
redhat libvirt 0.7.7
redhat libvirt 0.6.4
redhat libvirt 0.3.1
redhat libvirt 0.1.6
redhat libvirt 0.9.0
redhat libvirt 0.6.5
redhat libvirt 0.8.2
redhat libvirt 0.8.1
redhat libvirt 0.2.2
redhat libvirt 0.8.3
redhat libvirt 0.7.1
redhat libvirt 0.2.3
redhat libvirt 0.0.4
redhat libvirt 0.1.0
redhat libvirt 0.6.2
redhat libvirt 0.8.8
redhat libvirt 0.6.3
redhat libvirt 0.4.3
redhat libvirt 0.5.1
redhat libvirt 0.7.6
redhat libvirt 0.7.3
redhat libvirt 0.6.1
redhat libvirt 0.1.4
redhat libvirt 0.8.4
redhat libvirt
redhat libvirt 0.9.1
redhat libvirt 0.4.6
redhat libvirt 0.1.5
redhat libvirt 0.7.0
redhat libvirt 0.4.0
redhat libvirt 0.0.5
redhat libvirt 0.2.1
redhat libvirt 0.6.0
redhat libvirt 0.8.0
redhat libvirt 0.3.2

An authenticated attacker could send crafted input to libvirt and cause it to crash ...

Debian Bug report logs - #623222 CVE-2011-1486: Error handling not thread-safe Package: libvirt; Maintainer for libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <muehlenhoff@univentionde> Date: Mon, 18 Apr 2011 13:48:01 UTC Severity: important T ...

Debian Bug report logs - #633630 CVE-2011-2511 libvirt: integer overflow in VirDomainGetVcpus Package: src:libvirt; Maintainer for src:libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@listsaliothdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 12 Jul 2011 10:30:56 UTC Seve ...

It was discovered that libvirt, a library for interfacing with different virtualization systems, is prone to an integer overflow (CVE-2011-2511) Additionally, the stable version is prone to a denial of service, because its error reporting is not thread-safe (CVE-2011-1486) For the stable distribution (squeeze), these problems have been fixed in v ...

CWE-189 http://secunia.com/advisories/45375 http://www.openwall.com/lists/oss-security/2011/06/28/9 https://hermes.opensuse.org/messages/10027908 http://www.debian.org/security/2011/dsa-2280 http://secunia.com/advisories/45446 http://www.securitytracker.com/id?1025822 http://secunia.com/advisories/45441 https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html http://www.redhat.com/support/errata/RHSA-2011-1019.html http://www.ubuntu.com/usn/USN-1180-1 http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html http://libvirt.org/news.html http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html http://www.redhat.com/support/errata/RHSA-2011-1197.html https://exchange.xforce.ibmcloud.com/vulnerabilities/68271 https://usn.ubuntu.com/1180-1/https://nvd.nist.gov

CVE-2011-2511

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect