{
  "threat_severity" : "Moderate",
  "public_date" : "2020-02-19T00:00:00Z",
  "bugzilla" : {
    "description" : "libvirt: memory leak in domstats may allow read-only user to perform DoS attack",
    "id" : "1828190",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1828190"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
    "status" : "draft"
  },
  "cwe" : "CWE-401",
  "details" : [ "An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the domstats command, resulting in a potential denial of service.", "A memory leak flaw was found in the libvirt API that is responsible for retrieving domain stats when managing QEMU guests. This flaw allows unprivileged users with a read-only connection to cause a memory leak in the `domstats` command, resulting in a potential denial of service." ],
  "statement" : "Versions of `libvirt` as shipped with Red Hat Enterprise Linux are marked as \"notaffected\" because they do not include the vulnerable code, which was introduced in a later version of the package. Specifically, the affected function `qemuDomainGetStatsIOThread()` was introduced in `libvirt` upstream version 4.10.0.\nRHEL Advanced Virtualization is affected by this flaw as it ships a more recent version of the package.",
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Not affected",
    "package_name" : "libvirt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Not affected",
    "package_name" : "libvirt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Not affected",
    "package_name" : "libvirt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Not affected",
    "package_name" : "virt:rhel/libvirt",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "fix_state" : "Will not fix",
    "package_name" : "virt:8.1/libvirt",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8 Advanced Virtualization",
    "fix_state" : "Affected",
    "package_name" : "virt:8.2/libvirt",
    "cpe" : "cpe:/a:redhat:advanced_virtualization:8::el8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2020-12430\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-12430" ],
  "name" : "CVE-2020-12430",
  "csaw" : false
}