You are here

CVE-2014-1447

Vincent (CVE) Danen's picture
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.

Details Source

Mitre

Statement

Not vulnerable. This issue did not affect the versions of libvirt as shipped with Red Hat Enterprise Linux 5.

Public Date

2013-12-31 00:00:00

Impact

Moderate

Bugzilla

CVE-2014-1447 libvirt: denial of service with keepalive

Bugzilla ID

1 052 957

CVSS Status

verified

Base Score

3.30

Base Metrics

AV:A/AC:L/Au:N/C:N/I:N/A:P

Red Hat Security Errata

Platform Errata Release Date
Red Hat Enterprise Linux 6 (libvirt) RHSA-2014:0103 2014-01-28

Affected Packages State

Platform Package State
Red Hat Enterprise Linux 7 libvirt Affected
Red Hat Enterprise Linux 5 libvirt Not affected