Published: 19/11/2012 Updated: 13/02/2023

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

The virNetServerProgramDispatchCall function in libvirt prior to 0.10.2 allows remote malicious users to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table.

Vulnerable Product	Search on Vulmon	Subscribe to Product
redhat libvirt 0.4.1
redhat libvirt 0.9.13
redhat libvirt 0.8.6
redhat libvirt 0.9.2
redhat libvirt 0.4.5
redhat libvirt 0.7.5
redhat libvirt 0.0.6
redhat libvirt 0.9.5
redhat libvirt 0.5.0
redhat libvirt 0.7.2
redhat libvirt 0.1.1
redhat libvirt 0.0.3
redhat libvirt 0.1.7
redhat libvirt 0.0.1
redhat libvirt
redhat libvirt 0.2.0
redhat libvirt 0.7.4
redhat libvirt 0.9.10
redhat libvirt 0.4.4
redhat libvirt 0.3.3
redhat libvirt 0.0.2
redhat libvirt 0.1.8
redhat libvirt 0.3.0
redhat libvirt 0.9.8
redhat libvirt 0.1.3
redhat libvirt 0.1.9
redhat libvirt 0.4.2
redhat libvirt 0.9.9
redhat libvirt 0.8.5
redhat libvirt 0.8.7
redhat libvirt 0.7.7
redhat libvirt 0.6.4
redhat libvirt 0.3.1
redhat libvirt 0.9.3
redhat libvirt 0.1.6
redhat libvirt 0.9.6
redhat libvirt 0.9.0
redhat libvirt 0.6.5
redhat libvirt 0.8.2
redhat libvirt 0.8.1
redhat libvirt 0.9.12
redhat libvirt 0.2.2
redhat libvirt 0.8.3
redhat libvirt 0.7.1
redhat libvirt 0.2.3
redhat libvirt 0.0.4
redhat libvirt 0.1.0
redhat libvirt 0.6.2
redhat libvirt 0.8.8
redhat libvirt 0.6.3
redhat libvirt 0.4.3
redhat libvirt 0.5.1
redhat libvirt 0.7.6
redhat libvirt 0.10.0
redhat libvirt 0.7.3
redhat libvirt 0.6.1
redhat libvirt 0.1.4
redhat libvirt 0.8.4
redhat libvirt 0.9.4
redhat libvirt 0.9.1
redhat libvirt 0.4.6
redhat libvirt 0.1.5
redhat libvirt 0.9.7
redhat libvirt 0.7.0
redhat libvirt 0.4.0
redhat libvirt 0.0.5
redhat libvirt 0.2.1
redhat libvirt 0.6.0
redhat libvirt 0.9.11
redhat libvirt 0.8.0
redhat libvirt 0.3.2

Synopsis Moderate: libvirt security and bug fix update Type/Severity Security Advisory: Moderate Topic Updated libvirt packages that fix one security issue and multiple bugs arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as having moderatesecurity im ...

Debian Bug report logs - #687598 libvirt: CVE-2012-4423 Package: libvirt; Maintainer for libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@listsaliothdebianorg>; Reported by: Moritz Muehlenhoff <jmm@inutilorg> Date: Fri, 14 Sep 2012 06:30:02 UTC Severity: grave Tags: security Fixed in version libvir ...

libvirt could be made to crash or run programs if it received specially crafted network traffic ...

NVD-CWE-Other https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html http://rhn.redhat.com/errata/RHSA-2012-1359.html http://www.openwall.com/lists/oss-security/2012/09/13/14 https://bugzilla.redhat.com/show_bug.cgi?id=857133 http://www.securitytracker.com/id?1027649 http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html http://www.securityfocus.com/bid/55541 http://www.ubuntu.com/usn/USN-1708-1 http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec https://access.redhat.com/errata/RHSA-2012:1359 https://usn.ubuntu.com/1708-1/https://nvd.nist.gov

CVE-2012-4423

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect