NVD

Id
41510  
Name
CVE-2013-6457  
Description
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command.  
Reject
 
CVSS Version
2  
CVSS Score
5.2  
Severity
Medium  
CVSS Base Score
5.2  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
5.1  
CVSS Vector
(AV:A/AC:L/Au:S/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2014-01-24  
Modified Date
2015-01-02  
Seq
2013-6457  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
209801 41510 CVE-2013-6457 http://libvirt.org/news.html  View
209802 41510 CVE-2013-6457 openSUSE-SU-2014:0268  View
209803 41510 CVE-2013-6457 GLSA-201412-04  View
209804 41510 CVE-2013-6457 USN-2093-1  View
209805 41510 CVE-2013-6457 https://bugzilla.redhat.com/show_bug.cgi?id=1048629  View
209806 41510 CVE-2013-6457 [libvirt] 20131220 [PATCH] libxl: avoid crashing if calling `virsh numatune" on inactive domain  View
209807 41510 CVE-2013-6457 [libvirt] 20131224 CVE-2013-6457 Re: [PATCH] libxl: avoid crashing if calling `virsh numatune" on inactive domain  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
24348 JVNDB-2013-005923 libvirt の libxl ドライバ内の libxlDomainGetNumaParameters 関数におけるサービス運用妨害 (DoS) の脆弱性 libvirt の libxl ドライバ (libxl/libxl_driver.c) 内の libxlDomainGetNumaParameters 関数は、ノードマップを適切に初期化しないため、サービス運用妨害 (不正な操作およびクラッシュ) 状態にされる、または任意のコードを実行される脆弱性が存在します。 CVE-2013-6457 66399 CVE-2013-6457 41510 5.2 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-005923.html 2013-12-20 2015-08-03 View