 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2014-8135 |
| Description: | The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2014-8135 61111 http://secunia.com/advisories/61111 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=87b9437f8951f9d24f9a85c6bbfff0e54df8c984 http://security.libvirt.org/2014/0009.html http://security.libvirt.org/2014/0009.html https://bugzilla.redhat.com/show_bug.cgi?id=1087104 https://bugzilla.redhat.com/show_bug.cgi?id=1087104 openSUSE-SU-2015:0008 http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html |