[v2.6] libvirt: DoS (CVE-2013-6458 CVE-2014-1447)
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInfo, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command (CVE-2013-6458).
•CONFIRM: http://libvirt.org/news.html
•CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1043069
•DEBIAN:DSA-2846
•URL: http://www.debian.org/security/2014/dsa-2846
•SECUNIA:56186
•URL: http://secunia.com/advisories/56186
•SECUNIA:56446
•URL: http://secunia.com/advisories/56446
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent (CVE-2014-1447).
•CONFIRM: http://libvirt.org/news.html
•CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=1047577
•DEBIAN:DSA-2846
•URL: http://www.debian.org/security/2014/dsa-2846
•SECUNIA:56321
•URL: http://secunia.com/advisories/56321
•SECUNIA:56446
•URL: http://secunia.com/advisories/56446
(from redmine: issue id 2636, created on 2014-02-04, closed on 2014-06-10)
- Relations:
- parent #2633 (closed)
- Changesets:
- Revision 89b40d15 on 2014-02-05T08:58:14Z:
main/libvirt: security upgrade to 1.0.5.9 (CVE-2013-6458 CVE-2014-1447)
Fixes #2636