CVE-2013-4399

Publication date 12 December 2014

Last updated 24 July 2024

Ubuntu priority

The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libvirt	13.10 saucy	Not affected
	13.04 raring	Not affected
	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	10.04 LTS lucid	Not affected

Notes

jdstrand

per upstream, introduced in 1.1.0

mdeslaur

in fix-crash-in-libvirtd-when-events patch in saucy+

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
libvirt	Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=8294aa0c1750dcb49d6345cd9bd97bf421580d8b

References

Other references

https://www.cve.org/CVERecord?id=CVE-2013-4399