Common Vulnerabilities and Exposures assigned an identifier CVE-2014-8135 to
the following vulnerability:
The storageVolUpload function in storage/storage_driver.c in libvirt
does not check a certain return value, which allows local users to
cause a denial of service (NULL pointer dereference and daemon crash)
via a crafted offset value in a "virsh vol-upload" command.
Upstream commit that addresses this issue:
This issue affects the versions of libvirt as shipped with Red Hat Enterprise Linux 5, 6 and 7. Red Hat Product Security has rated this issue as having Moderate security impact. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.