Vulnerabilities > CVE-2014-8135 - Unspecified vulnerability in Redhat Libvirt
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN redhat
nessus
Summary
The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Nessus
NASL family SuSE Local Security Checks NASL id OPENSUSE-2015-3.NASL description - CVE-2014-8135: libvirt: local denial of service in storage driver 87b9437f-CVE-2014-8135.patch bsc#910860 - CVE-2014-8136: libvirt: local denial of service in qemu driver 2bdcd29c-CVE-2014-8136.patch bsc#910862 - CVE-2014-8131: Fix possible deadlock and segfault in qemuConnectGetAllDomainStats() 57023c0a-CVE-2014-8131.patch, cb104ef7-CVE-2014-8131.patch bsc#909274 - Get /proc/sys/net/ipv[46] read-write for wicked to work in containers. bsc#904432. ba9b7252-sys-net-rw.patch - Fix potential crasher in virt-aa-helper 2222123-virt-aa-helper-crash.patch - ip link add now needs the last seen 2020-06-05 modified 2015-01-05 plugin id 80355 published 2015-01-05 reporter This script is Copyright (C) 2015-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/80355 title openSUSE Security Update : libvirt (openSUSE-SU-2015:0008-1) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201412-36.NASL description The remote host is affected by the vulnerability described in GLSA-201412-36 (libvirt: Denial of Service) Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact : A context-dependent attacker may be able to cause Denial of Service. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 80241 published 2014-12-26 reporter This script is Copyright (C) 2014-2015 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/80241 title GLSA-201412-36 : libvirt: Denial of Service