CVE-2013-0170

Published: 08/02/2013 Updated: 13/02/2023
CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6
VMScore: 605
Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Summary

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x prior to 1.0.2, 0.10.2 prior to 0.10.2.3, 0.9.11 prior to 0.9.11.9, and 0.9.6 prior to 0.9.6.4 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

Vulnerable Product

redhat libvirt

suse linux enterprise desktop 11

opensuse opensuse 12.2

opensuse opensuse 12.1

suse linux enterprise software development kit 11

suse linux enterprise server 11

fedoraproject fedora 17

fedoraproject fedora 16

fedoraproject fedora 18

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat enterprise linux eus 6.3

canonical ubuntu linux 12.10

canonical ubuntu linux 12.04

Vendor Advisories

Synopsis: Important: libvirt security update. Type/Severity: Security Advisory: Important. Topic: Updated libvirt packages that fix one security issue are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having important security impact. A Common Vulnerabilit ...
libvirt could be made to crash or run programs if it received specially crafted network traffic ...
Debian Bug report logs - #699224 libvirt [CVE-2013-0170]: libvirt Use-After-Free May Let Remote Users Execute Arbitrary Code. Package: libvirt; Maintainer for libvirt is Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>; Reported by: Luciano Bello <luciano@debian.org> Date: Tue, 29 Jan 2013 0 ...
Debian Bug report logs - #701649 libvirt-bin - libvirtd changes permissions of devices to libvirt-qemu:kvm (CVE-2013-1766). Package: libvirt-bin; Maintainer for libvirt-bin is Debian Libvirt Maintainers <pkg-libvirt-maintainers@lists.alioth.debian.org>; Source for libvirt-bin is src:libvirt (PTS, buildd, popcon) Reported by: ...

Github Repositories

Experimental compiler modifications to protect function pointers against overwrites through memory corruption vulnerabilities

fp-protect: Function pointer protection is an experimental compiler modification for the C compiler of GCC with the intention to protect function pointers against malicious overwrites through memory corruption vulnerabilities. The approach should be fully compliant with the C99 standard. However, in some cases of implementation-defined behaviour, the protection scheme will break