CVE-2013-4297

libvirt < 1.1.2 - Authenticated Denial of Service via virFileNBDDeviceAssociate Uninitialized Pointer Dereference

Title source: llm
STIX 2.1

Description

The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.

References (4)

Core 4
Core References
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/60895
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201412-04.xml

Scores

EPSS 0.0197
EPSS Percentile 78.0%

Details

CWE
CWE-119
Status published
Products (50)
redhat/libvirt 0.0.1
redhat/libvirt 0.0.2
redhat/libvirt 0.0.3
redhat/libvirt 0.0.4
redhat/libvirt 0.0.5
redhat/libvirt 0.0.6
redhat/libvirt 0.1.0
redhat/libvirt 0.1.1
redhat/libvirt 0.1.3
redhat/libvirt 0.1.4
... and 40 more
Published Sep 30, 2013
Tracked Since Feb 18, 2026