Upstream information

CVE-2013-5651 at MITRE

Description

The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 4.96
Vector AV:N/AC:L/Au:N/C:N/I:N/A:P
Access Vector Network
Access Complexity Low
Authentication None
Confidentiality Impact None
Integrity Impact None
Availability Impact Partial
SUSE Bugzilla entry: 837999 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 11 SP3
  • libvirt >= 1.0.5.6-0.7.1
  • libvirt-client >= 1.0.5.6-0.7.1
  • libvirt-client-32bit >= 1.0.5.6-0.7.1
  • libvirt-doc >= 1.0.5.6-0.7.1
  • libvirt-python >= 1.0.5.6-0.7.1
Patchnames:
sledsp3-libvirt
SUSE Linux Enterprise Server 11 SP3
  • libvirt >= 1.0.5.6-0.7.1
  • libvirt-client >= 1.0.5.6-0.7.1
  • libvirt-client-32bit >= 1.0.5.6-0.7.1
  • libvirt-doc >= 1.0.5.6-0.7.1
  • libvirt-lock-sanlock >= 1.0.5.6-0.7.1
  • libvirt-python >= 1.0.5.6-0.7.1
Patchnames:
slessp3-libvirt
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libvirt-devel >= 1.0.5.6-0.7.1
  • libvirt-devel-32bit >= 1.0.5.6-0.7.1
Patchnames:
sdksp3-libvirt
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libvirt-devel >= 1.0.5.6-0.7.1
Builds
SAT Patch Nr: 8421
SUSE Linux Enterprise Software Development Kit 11 SP3
  • libvirt-devel >= 1.0.5.6-0.7.1
  • libvirt-devel-32bit >= 1.0.5.6-0.7.1
Builds
SAT Patch Nr: 8421
SUSE Linux Enterprise Desktop 11 SP3
  • libvirt >= 1.0.5.6-0.7.1
  • libvirt-client >= 1.0.5.6-0.7.1
  • libvirt-doc >= 1.0.5.6-0.7.1
  • libvirt-python >= 1.0.5.6-0.7.1
Builds
SAT Patch Nr: 8421
SUSE Linux Enterprise Desktop 11 SP3
  • libvirt >= 1.0.5.6-0.7.1
  • libvirt-client >= 1.0.5.6-0.7.1
  • libvirt-client-32bit >= 1.0.5.6-0.7.1
  • libvirt-doc >= 1.0.5.6-0.7.1
  • libvirt-python >= 1.0.5.6-0.7.1
Builds
SAT Patch Nr: 8421
SUSE Linux Enterprise Server 11 SP3
  • libvirt >= 1.0.5.6-0.7.1
  • libvirt-client >= 1.0.5.6-0.7.1
  • libvirt-doc >= 1.0.5.6-0.7.1
  • libvirt-lock-sanlock >= 1.0.5.6-0.7.1
  • libvirt-python >= 1.0.5.6-0.7.1
Builds
SAT Patch Nr: 8421
SUSE Linux Enterprise Server 11 SP3
  • libvirt >= 1.0.5.6-0.7.1
  • libvirt-client >= 1.0.5.6-0.7.1
  • libvirt-client-32bit >= 1.0.5.6-0.7.1
  • libvirt-doc >= 1.0.5.6-0.7.1
  • libvirt-lock-sanlock >= 1.0.5.6-0.7.1
  • libvirt-python >= 1.0.5.6-0.7.1
Builds
SAT Patch Nr: 8421
openSUSE 12.3
  • libvirt >= 1.0.2-1.10.1
  • libvirt-client >= 1.0.2-1.10.1
  • libvirt-client-32bit >= 1.0.2-1.10.1
  • libvirt-client-debuginfo >= 1.0.2-1.10.1
  • libvirt-client-debuginfo-32bit >= 1.0.2-1.10.1
  • libvirt-debuginfo >= 1.0.2-1.10.1
  • libvirt-debugsource >= 1.0.2-1.10.1
  • libvirt-devel >= 1.0.2-1.10.1
  • libvirt-devel-32bit >= 1.0.2-1.10.1
  • libvirt-doc >= 1.0.2-1.10.1
  • libvirt-lock-sanlock >= 1.0.2-1.10.1
  • libvirt-lock-sanlock-debuginfo >= 1.0.2-1.10.1
  • libvirt-python >= 1.0.2-1.10.1
  • libvirt-python-debuginfo >= 1.0.2-1.10.1
Patchnames:
openSUSE-2013-763