#VU42110 Permissions, Privileges, and Access Controls in libvirt - CVE-2013-6457

Cybersecurity Help s.r.o.

Published: 2014-01-24 | Updated: 2020-08-10

Vulnerability identifier: #VU42110

Vulnerability risk: Low

CVSSv4.0: 1.1 [CVSS:4.0/AV:A/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2013-6457

CWE-ID: CWE-264

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
libvirt
Universal components / Libraries / Libraries used by multiple products

Vendor: libvirt.org

Description

The vulnerability allows a remote #AU# to read and manipulate data.

The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libvirt: 0.0.1 - 1.1.4

External links
https://libvirt.org/news.html
https://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
https://secunia.com/advisories/60895
https://security.gentoo.org/glsa/glsa-201412-04.xml
https://www.ubuntu.com/usn/USN-2093-1
https://bugzilla.redhat.com/show_bug.cgi?id=1048629
https://www.redhat.com/archives/libvir-list/2013-December/msg01176.html
https://www.redhat.com/archives/libvir-list/2013-December/msg01258.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Permissions, Privileges, and Access Controls in libvirt