Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4
CVSSv2

CVE-2013-4296

Published: 30/09/2013 Updated: 13/02/2023
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Subscribe to Libvirt

Vulnerability Summary

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 up to and including 0.10.1.x, 0.10.2.x prior to 0.10.2.8, 1.0.x prior to 1.0.5.6, and 1.1.x prior to 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call.

Vulnerable Product Search on Vulmon Subscribe to Product

redhat libvirt 0.9.13

redhat libvirt 1.0.5.4

redhat libvirt 0.9.2

redhat libvirt 0.9.5

redhat libvirt 1.0.5.3

redhat libvirt 0.10.2.2

redhat libvirt 0.9.10

redhat libvirt 0.9.8

redhat libvirt 0.10.2.7

redhat libvirt 0.9.9

redhat libvirt 0.9.3

redhat libvirt 0.9.6

redhat libvirt 0.10.2.4

redhat libvirt 0.10.2.1

redhat libvirt 0.10.2.6

redhat libvirt 0.9.12

redhat libvirt 0.10.2.3

redhat libvirt 1.1.1

redhat libvirt 0.10.1

redhat libvirt 1.0.5.1

redhat libvirt 0.10.2

redhat libvirt 1.0.5.2

redhat libvirt 0.10.0

redhat libvirt 0.9.4

redhat libvirt 0.9.1

redhat libvirt 0.10.2.5

redhat libvirt 0.9.7

redhat libvirt 1.0.5.5

redhat libvirt 1.1.0

redhat libvirt 0.9.11

canonical ubuntu linux 13.04

canonical ubuntu linux 12.10

canonical ubuntu linux 12.04

canonical ubuntu linux 10.04

redhat enterprise linux 6.0

Vendor Advisories

Red Hat: Important: libvirt security and bug fix update
Synopsis Important: libvirt security and bug fix update Type/Severity Security Advisory: Important Topic Updated libvirt packages that fix two security issues and several bugs arenow available for Red Hat Enterprise Linux 6The Red Hat Security Response Team has rated this update as havingimportant security ...
Ubuntu Security Notice: libvirt vulnerabilities
Several security issues were fixed in libvirt ...
Debian Security Advisories: DSA-2764-1 libvirt -- programming error
Daniel P Berrange discovered that incorrect memory handling in the remoteDispatchDomainMemoryStats() function could lead to denial of service The oldstable distribution (squeeze) is not affected For the stable distribution (wheezy), this problem has been fixed in version 0912-11+deb7u4 This update also includes some non-security related bugfi ...
Red Hat: CVE-2013-4296
The remoteDispatchDomainMemoryStats function in daemon/remotec in libvirt 091 through 0101x, 0102x before 01028, 10x before 1056, and 11x before 112 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC call ...

References

CWE-119http://wiki.libvirt.org/page/Maintenance_Releaseshttp://rhn.redhat.com/errata/RHSA-2013-1272.htmlhttps://bugzilla.redhat.com/show_bug.cgi?id=1006173http://www.ubuntu.com/usn/USN-1954-1http://www.debian.org/security/2013/dsa-2764http://lists.opensuse.org/opensuse-updates/2013-10/msg00023.htmlhttp://lists.opensuse.org/opensuse-updates/2013-10/msg00024.htmlhttp://rhn.redhat.com/errata/RHSA-2013-1460.htmlhttp://secunia.com/advisories/60895http://security.gentoo.org/glsa/glsa-201412-04.xmlhttp://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=e7f400a110e2e3673b96518170bfea0855dd82c0https://access.redhat.com/errata/RHSA-2013:1272https://usn.ubuntu.com/1954-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2013-4296
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook