CVE-2013-4153

Name of the Vulnerable Software and Affected Versions libvirt versions 1.0.6 through 1.1.0

Description The issue is related to a double free vulnerability in the qemuAgentGetVCPUs function. This vulnerability can be exploited by remote attackers to cause a denial of service, specifically a daemon crash, by sending a cpu count request. An example of how this can be done is through the "virsh vcpucount dom --guest" command.

Recommendations For libvirt versions 1.0.6 through 1.1.0, consider updating to a version that contains a fix for this issue to prevent potential denial of service attacks.