libvirt "remoteDispatchStoragePoolListAllVolumes()" Denial

by Carol~ Moderator - 5/17/13 8:52 AM

In Reply to: VULNERABILITIES / FIXES - May 17, 2013 by Carol~ Moderator

libvirt "remoteDispatchStoragePoolListAllVolumes()" Denial of Service Vulnerability

Release Date : 2013-05-17

Criticality level : Less critical
Impact : DoS
Where : From remote
Solution Status: Vendor Workaround

Software: libvirt 1.x

A vulnerability has been reported in libvirt, which can be exploited by malicious users to cause a DoS (Denial of Service).

The vulnerability is caused by the "remoteDispatchStoragePoolListAllVolumes()" function (daemon/remote.c) leaking file descriptors. This can be exploited to cause resource exhaustion and render the daemon unusable.

The vulnerability is reported in version 1.0.5. Other versions may also be affected.

Fixed in the GIT repository.

Provided and/or discovered by:
The vendor credits Edoardo Comar, IBM.

Original Advisory:
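
The descriptor leak described above shows up operationally as a daemon whose open-file count only ever rises toward its limit. The following is an added monitoring example, not part of the advisory or of libvirt: it assumes a Linux host with /proc, and the function names, the 0.8 warning ratio and the sample data are hypothetical or constructed.

```python
import os
import re

# Constructed excerpt of /proc/<pid>/limits (values are illustrative).
SAMPLE_LIMITS = (
    "Limit                     Soft Limit           Hard Limit           Units\n"
    "Max cpu time              unlimited            unlimited            seconds\n"
    "Max open files            1024                 4096                 files\n"
)

def soft_nofile_limit(limits_text):
    """Soft 'Max open files' limit from /proc/<pid>/limits text; None if unlimited or absent."""
    m = re.search(r"^Max open files\s+(\S+)", limits_text, re.MULTILINE)
    if m is None or m.group(1) == "unlimited":
        return None
    return int(m.group(1))

def count_open_fds(pid):
    """Live descriptor count on Linux; requires permission to read /proc/<pid>/fd."""
    return len(os.listdir(f"/proc/{pid}/fd"))

def assess_fd_growth(samples, soft_limit, warn_ratio=0.8):
    """samples: [(unix_time, fd_count), ...] oldest first. Returns a dict with the
    least-squares growth rate (fds/second), projected seconds until the soft limit
    is reached, and a verdict of 'ok', 'leaking' or 'critical'."""
    if len(samples) < 2:
        raise ValueError("need at least two samples")
    times = [t for t, _ in samples]
    counts = [c for _, c in samples]
    t_mean = sum(times) / len(times)
    c_mean = sum(counts) / len(counts)
    spread = sum((t - t_mean) ** 2 for t in times)
    if spread == 0:
        raise ValueError("samples must span more than one timestamp")
    rate = sum((t - t_mean) * (c - c_mean) for t, c in samples) / spread
    # A leak never gives descriptors back: non-decreasing counts with net growth.
    monotonic = all(b >= a for a, b in zip(counts, counts[1:])) and counts[-1] > counts[0]
    eta = None
    if soft_limit is not None and rate > 0:
        eta = max(soft_limit - counts[-1], 0) / rate
    if soft_limit is not None and counts[-1] >= warn_ratio * soft_limit:
        verdict = "critical"
    elif monotonic:
        verdict = "leaking"
    else:
        verdict = "ok"
    return {"rate": rate, "eta_seconds": eta, "verdict": verdict}
```

Feed it periodic `count_open_fds()` readings for the daemon's PID together with the limit parsed from `/proc/<pid>/limits`; a "leaking" verdict with a short projected time to the limit is the signal to restart or patch before the daemon stops accepting work.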