4

CVE-2011-2511

Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
RedhatLibvirt Version <= 0.9.2
RedhatLibvirt Version0.0.1
RedhatLibvirt Version0.0.2
RedhatLibvirt Version0.0.3
RedhatLibvirt Version0.0.4
RedhatLibvirt Version0.0.5
RedhatLibvirt Version0.0.6
RedhatLibvirt Version0.1.0
RedhatLibvirt Version0.1.1
RedhatLibvirt Version0.1.3
RedhatLibvirt Version0.1.4
RedhatLibvirt Version0.1.5
RedhatLibvirt Version0.1.6
RedhatLibvirt Version0.1.7
RedhatLibvirt Version0.1.8
RedhatLibvirt Version0.1.9
RedhatLibvirt Version0.2.0
RedhatLibvirt Version0.2.1
RedhatLibvirt Version0.2.2
RedhatLibvirt Version0.2.3
RedhatLibvirt Version0.3.0
RedhatLibvirt Version0.3.1
RedhatLibvirt Version0.3.2
RedhatLibvirt Version0.3.3
RedhatLibvirt Version0.4.0
RedhatLibvirt Version0.4.1
RedhatLibvirt Version0.4.2
RedhatLibvirt Version0.4.3
RedhatLibvirt Version0.4.4
RedhatLibvirt Version0.4.5
RedhatLibvirt Version0.4.6
RedhatLibvirt Version0.5.0
RedhatLibvirt Version0.5.1
RedhatLibvirt Version0.6.0
RedhatLibvirt Version0.6.1
RedhatLibvirt Version0.6.2
RedhatLibvirt Version0.6.3
RedhatLibvirt Version0.6.4
RedhatLibvirt Version0.6.5
RedhatLibvirt Version0.7.0
RedhatLibvirt Version0.7.1
RedhatLibvirt Version0.7.2
RedhatLibvirt Version0.7.3
RedhatLibvirt Version0.7.4
RedhatLibvirt Version0.7.5
RedhatLibvirt Version0.7.6
RedhatLibvirt Version0.7.7
RedhatLibvirt Version0.8.0
RedhatLibvirt Version0.8.1
RedhatLibvirt Version0.8.2
RedhatLibvirt Version0.8.3
RedhatLibvirt Version0.8.4
RedhatLibvirt Version0.8.5
RedhatLibvirt Version0.8.6
RedhatLibvirt Version0.8.7
RedhatLibvirt Version0.8.8
RedhatLibvirt Version0.9.0
RedhatLibvirt Version0.9.1
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.54% 0.878
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4 8 2.9
AV:N/AC:L/Au:S/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://libvirt.org/news.html
http://www.debian.org/security/2011/dsa-2280
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html
http://secunia.com/advisories/45375
Vendor Advisory
http://secunia.com/advisories/45441
Vendor Advisory
http://secunia.com/advisories/45446
Vendor Advisory
http://www.openwall.com/lists/oss-security/2011/06/28/9
Patch
http://www.redhat.com/support/errata/RHSA-2011-1019.html
Vendor Advisory
http://www.redhat.com/support/errata/RHSA-2011-1197.html
http://www.securitytracker.com/id?1025822
http://www.ubuntu.com/usn/USN-1180-1
https://exchange.xforce.ibmcloud.com/vulnerabilities/68271
https://hermes.opensuse.org/messages/10027908
https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html
Patch