CVE-2013-6458

NameCVE-2013-6458
DescriptionMultiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-2846-1
Debian Bugs734556

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libvirt (PTS)buster5.0.0-4+deb10u1fixed
bullseye7.0.0-3+deb11u2fixed
bookworm9.0.0-4fixed
sid, trixie10.0.0-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libvirtsourcesqueeze(unfixed)end-of-life
libvirtsourcewheezy0.9.12.3-1DSA-2846-1
libvirtsource(unstable)1.2.1-1734556

Notes

[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
https://www.redhat.com/archives/libvir-list/2013-December/msg01202.html
upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad

Search for package or bug name: Reporting problems