CVE-2013-6458

NameCVE-2013-6458
DescriptionMultiple race conditions in the (1) virDomainBlockStats, (2) ...
SourceCVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, SuSE, more)
ReferencesDSA-2846-1
Debian Bugs734556
Debian/oldstablepackage libvirt is vulnerable.
Debian/stablenot vulnerable.
Debian/testingnot vulnerable.
Debian/unstablenot vulnerable.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
libvirt (PTS)squeeze, squeeze (security)0.8.3-5+squeeze5vulnerable
wheezy, wheezy (security)0.9.12.3-1fixed
jessie, sid1.2.1-1fixed

The information above is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
libvirtsource(unstable)1.2.1-1734556
libvirtsourcewheezy0.9.12.3-1DSA-2846-1

Notes

https://www.redhat.com/archives/libvir-list/2013-December/msg01202.html
upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad

Search for package or bug name: Reporting problems

Home - Testing Security Team - Debian Security - Source (SVN)