CVE-2013-6458

Name: CVE-2013-6458
Description: Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
Source: CVE (at NVD; oss-sec, fulldisc, OSVDB, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, more)
References: DSA-2846-1
NVD severity: medium (attack range: remote)
Debian Bugs: 734556
Debian/oldoldstable: package libvirt is vulnerable.
Debian/oldstable: not vulnerable.
Debian/stable: not vulnerable.
Debian/testing: not vulnerable.
Debian/unstable: not vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package | Release                     | Version            | Status
libvirt (PTS)  | squeeze, squeeze (security) | 0.8.3-5+squeeze5   | vulnerable
libvirt (PTS)  | wheezy, wheezy (security)   | 0.9.12.3-1+deb7u1  | fixed
libvirt (PTS)  | jessie                      | 1.2.9-9            | fixed
libvirt (PTS)  | stretch, sid                | 1.2.16-2           | fixed

The information below is based on the following data on fixed versions.

Package | Type   | Release    | Fixed Version | Urgency     | Origin     | Debian Bugs
libvirt | source | (unstable) | 1.2.1-1       | medium      |            | 734556
libvirt | source | squeeze    | (unfixed)     | end-of-life |            |
libvirt | source | wheezy     | 0.9.12.3-1    | medium      | DSA-2846-1 |

Notes

[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
https://www.redhat.com/archives/libvir-list/2013-December/msg01202.html
upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad
