Vulnerabilities > CVE-2014-8135 - Unspecified vulnerability in Redhat Libvirt

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
redhat
nessus

Summary

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

Vulnerable Configurations

Part Description Count
Application
Redhat
1

Nessus

  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2015-3.NASL
    description - CVE-2014-8135: libvirt: local denial of service in storage driver 87b9437f-CVE-2014-8135.patch bsc#910860 - CVE-2014-8136: libvirt: local denial of service in qemu driver 2bdcd29c-CVE-2014-8136.patch bsc#910862 - CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats() 57023c0a-CVE-2014-8131.patch, cb104ef7-CVE-2014-8131.patch bsc#909274 - Get /proc/sys/net/ipv[46] read-write for wicked to work in containers. bsc#904432. ba9b7252-sys-net-rw.patch - Fix potential crasher in virt-aa-helper 2222123-virt-aa-helper-crash.patch - ip link add now needs the
    last seen2020-06-05
    modified2015-01-05
    plugin id80355
    published2015-01-05
    reporterThis script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/80355
    titleopenSUSE Security Update : libvirt (openSUSE-SU-2015:0008-1)
  • NASL familyGentoo Local Security Checks
    NASL idGENTOO_GLSA-201412-36.NASL
    descriptionThe remote host is affected by the vulnerability described in GLSA-201412-36 (libvirt: Denial of Service) Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to cause Denial of Service. Workaround : There is no known workaround at this time.
    last seen2020-06-01
    modified2020-06-02
    plugin id80241
    published2014-12-26
    reporterThis script is Copyright (C) 2014-2015 Tenable Network Security, Inc.
    sourcehttps://www.tenable.com/plugins/nessus/80241
    titleGLSA-201412-36 : libvirt: Denial of Service