PT-2012-4718 · Libvirt+2 · Libvirt+2

Petr Matousek

Published

2012-08-07

Updated

2024-06-15

CVE-2012-3445

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions libvirt version 0.9.13

Description The issue is related to the virTypedParameterArrayClear function in libvirt, which does not properly handle virDomain* API calls with typed parameters. This might allow remote authenticated users to cause a denial of service, resulting in a libvirtd crash. The crash can be triggered via an RPC command with nparams set to zero, leading to an out-of-bounds read or a free of an invalid pointer.

Recommendations For libvirt version 0.9.13, consider disabling the virTypedParameterArrayClear function as a temporary workaround until a patch is available. Restrict access to the virDomain* API calls to minimize the risk of exploitation. Avoid using RPC commands with nparams set to zero in the affected API endpoint until the issue is resolved.

Fix

DoS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-399

Related Identifiers

CESA-2012_1202

CVE-2012-3445

OPENSUSE-SU-2024:10209-1

RHSA-2012:1202

RHSA-2012_1202

Affected Products

Centos

Red Hat

Libvirt

PT-2012-4718 · Libvirt+2 · Libvirt+2

CVE-2012-3445

Weakness Enumeration

Related Identifiers

Affected Products

References · 56