Red Hat Bugzilla – Bug 1052957
CVE-2014-1447 libvirt: denial of service with keepalive
Last modified: 2014-01-28 13:20:28 EST
A race condition was found in the way libvirtd handled keepalive initialization requests when the connection is closed prior to establishing connection credentials.
An attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd, resulting in a denial of service.
Not vulnerable. This issue did not affect the versions of libvirt as shipped with Red Hat Enterprise Linux 5.
CVE Request --
Created libvirt tracking bugs for this issue:
Affects: fedora-all [bug 1054808]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0103 https://rhn.redhat.com/errata/RHSA-2014-0103.html