CVE-2014-8135 - CERT CVE
ID CVE-2014-8135
Sažetak The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.
Reference
CVSS
Base: 2.1
Impact: 2.9
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
LOCAL LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE NONE PARTIAL
CVSS vektor AV:L/AC:L/Au:N/C:N/I:N/A:P
Zadnje važnije ažuriranje 13-02-2023 - 00:43
Objavljeno 19-12-2014 - 15:59