{ "threat_severity" : "Moderate", "public_date" : "2013-09-19T00:00:00Z", "bugzilla" : { "description" : "libvirt: unprivileged user can crash libvirtd during spice migration", "id" : "1077620", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1077620" }, "cvss" : { "cvss_base_score" : "5.0", "cvss_scoring_vector" : "AV:N/AC:L/Au:N/C:N/I:N/A:P", "status" : "verified" }, "details" : [ "The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function." ], "statement" : "Not vulnerable.\nThis issue did not affect the versions of libvirt package as shipped with Red Hat Enterprise Linux 5 and 6 (since http://rhn.redhat.com/errata/RHBA-2013-1581.html, Red Hat Enterprise Linux 6.5 GA).", "acknowledgement" : "This issue was discovered by Marian Krcmarik (Red Hat).", "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2013-11-20T00:00:00Z", "advisory" : "RHBA-2013:1581", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "libvirt-0:0.10.2-29.el6" }, { "product_name" : "Red Hat Storage 3 for RHEL 6", "release_date" : "2013-11-20T00:00:00Z", "advisory" : "RHBA-2013:1581", "cpe" : "cpe:/a:redhat:storage:3:server:el6", "package" : "libvirt-0:0.10.2-29.el6" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Not affected", "package_name" : "libvirt", "cpe" : "cpe:/o:redhat:enterprise_linux:5" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Not affected", "package_name" : "libvirt", "cpe" : "cpe:/o:redhat:enterprise_linux:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-7336\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-7336" ], "name" : "CVE-2013-7336", "csaw" : false }