CVE-2014-3633

Canonical Ubuntu Linux < 1.2.8 - Memory Corruption

Title source: rule
STIX 2.1

Description

The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.

References (10)

Core 10
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-201412-04.xml
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2014/dsa-3038
Vendor Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2014-1352.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/60895
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-2366-1
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-10/msg00014.html
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/60291
Vendor Advisory x_refsource_confirm
http://security.libvirt.org/2014/0004.html
Mailing List vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-updates/2014-10/msg00017.html

Scores

EPSS 0.0275
EPSS Percentile 84.5%

Details

CWE
CWE-119
Status published
Products (12)
canonical/ubuntu_linux 10.04
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
libvirt/libvirt 1.2.0
libvirt/libvirt 1.2.1
libvirt/libvirt 1.2.2
libvirt/libvirt 1.2.3
libvirt/libvirt 1.2.4
libvirt/libvirt 1.2.5
libvirt/libvirt 1.2.6
... and 2 more
Published Oct 06, 2014
Tracked Since Feb 18, 2026