CVE-2013-6458

NameCVE-2013-6458
DescriptionMultiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-2846-1
Debian Bugs734556

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libvirt (PTS)bullseye7.0.0-3+deb11u3fixed
bookworm9.0.0-4+deb12u1fixed
sid, trixie10.7.0-3fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libvirtsourcesqueeze(unfixed)end-of-life
libvirtsourcewheezy0.9.12.3-1DSA-2846-1
libvirtsource(unstable)1.2.1-1734556

Notes

[squeeze] - libvirt <end-of-life> (Unsupported in squeeze-lts)
https://www.redhat.com/archives/libvir-list/2013-December/msg01202.html
upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad

Search for package or bug name: Reporting problems