Bug 1048631 (CVE-2013-6458) - CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirtd crash
Summary: CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirtd crash
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-6458
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1043069 1048643 1054206 1054207 1054804
Blocks: 1048642 1056484
Reported: 2014-01-06 00:34 UTC by Murray McAllister
Modified: 2021-02-17 07:02 UTC

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2015-01-21 15:36:03 UTC
Embargoed:




Links
System | ID | Private | Priority | Status | Summary | Last Updated
Red Hat Bugzilla | 1113751 | 1 | None | None | None | 2021-01-20 06:05:38 UTC
Red Hat Bugzilla | 1113828 | 1 | None | None | None | 2021-01-20 06:05:38 UTC
Red Hat Product Errata | RHSA-2014:0103 | 0 | normal | SHIPPED_LIVE | Moderate: libvirt security and bug fix update | 2014-01-28 22:49:13 UTC

Internal Links: 1113751 1113828

Description Murray McAllister 2014-01-06 00:34:42 UTC
A job usage issue in several APIs could allow an attacker who is able to establish a read-only connection to libvirtd to crash libvirtd.

Comment 4 Murray McAllister 2014-01-08 02:32:11 UTC
Upstream fix:

http://libvirt.org/git/?p=libvirt.git;a=commit;h=db86da5ca2109e4006c286a09b6c75bfe10676ad

https://bugzilla.redhat.com/show_bug.cgi?id=1043069#c15 notes "I found similar patterns in several other APIs and fixed them by the following commits: v1.2.0-233-gb799259, v1.2.0-234-gf93d2ca, v1.2.0-235-gff5f30b, v1.2.0-236-g3b56425."

Comment 7 Petr Matousek 2014-01-16 12:57:12 UTC
Created libvirt tracking bugs for this issue:

Affects: fedora-all [bug 1054206]

Comment 9 errata-xmlrpc 2014-01-28 17:50:19 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 6

Via RHSA-2014:0103 https://rhn.redhat.com/errata/RHSA-2014-0103.html

Comment 10 Petr Matousek 2014-04-29 15:36:51 UTC
Statement:

Red Hat Enterprise Linux 5 is now in the Production 3 phase of the support and maintenance life cycle. This issue is not currently planned to be addressed in future updates. For additional information, refer to the Red Hat Enterprise Linux Life Cycle: https://access.redhat.com/support/policy/updates/errata/.
