4
CVE-2011-2511
- EPSS 3.54%
- Veröffentlicht 10.08.2011 20:55:01
- Zuletzt bearbeitet 16.06.2026 23:31:29
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 3.54% | 0.878 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 4 | 8 | 2.9 |
AV:N/AC:L/Au:S/C:N/I:N/A:P
|
http://libvirt.org/news.html
http://www.debian.org/security/2011/dsa-2280
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html
http://secunia.com/advisories/45375
http://secunia.com/advisories/45441
http://secunia.com/advisories/45446
http://www.openwall.com/lists/oss-security/2011/06/28/9
http://www.redhat.com/support/errata/RHSA-2011-1019.html
http://www.redhat.com/support/errata/RHSA-2011-1197.html
http://www.securitytracker.com/id?1025822
http://www.ubuntu.com/usn/USN-1180-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/68271
https://hermes.opensuse.org/messages/10027908
https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html