CVE-2013-1962

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-1962 at MITRE

Description

The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool."

NVD CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)

SUSE information

SUSE Bugzilla entry: 820397

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • libvirt >= 1.0.2-1.6.1
  • libvirt-client >= 1.0.2-1.6.1
  • libvirt-client-32bit >= 1.0.2-1.6.1
  • libvirt-client-debuginfo >= 1.0.2-1.6.1
  • libvirt-client-debuginfo-32bit >= 1.0.2-1.6.1
  • libvirt-debuginfo >= 1.0.2-1.6.1
  • libvirt-debugsource >= 1.0.2-1.6.1
  • libvirt-devel >= 1.0.2-1.6.1
  • libvirt-devel-32bit >= 1.0.2-1.6.1
  • libvirt-doc >= 1.0.2-1.6.1
  • libvirt-lock-sanlock >= 1.0.2-1.6.1
  • libvirt-lock-sanlock-debuginfo >= 1.0.2-1.6.1
  • libvirt-python >= 1.0.2-1.6.1
  • libvirt-python-debuginfo >= 1.0.2-1.6.1
Patchnames:
openSUSE-2013-463