PT-2014-2555 · Red Hat · Libguestfs

Published

2014-05-27

Updated

2024-06-15

CVE-2013-2124

CVSS v2.0

4.3

Medium

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions LibguestFS versions 1.20.x through 1.20.6 LibguestFS version 1.21.x LibguestFS version 1.22.0 LibguestFS version 1.23.0

Description A double free issue in the inspect-fs.c file allows remote attackers to cause a denial of service, resulting in a crash, by providing empty guest files.

Recommendations For LibguestFS versions 1.20.x through 1.20.6, update to version 1.20.7 or later. For LibguestFS version 1.21.x, update to a version later than 1.21.x. For LibguestFS version 1.22.0, update to a version later than 1.22.0. For LibguestFS version 1.23.0, update to a version later than 1.23.0.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2013-2124

OPENSUSE-SU-2024:10032-1

Affected Products

Libguestfs

PT-2014-2555 · Red Hat · Libguestfs

CVE-2013-2124

Related Identifiers

Affected Products

References · 17