#VU43760 Resource management error in libvirt - CVE-2012-3445

Cybersecurity Help s.r.o.

Published: 2012-08-08 | Updated: 2020-08-11

Vulnerability identifier: #VU43760

Vulnerability risk: Low

CVSSv4.0: 1.2 [CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2012-3445

CWE-ID: CWE-399

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
libvirt
Universal components / Libraries / Libraries used by multiple products

Vendor: libvirt.org

Description

The vulnerability allows a remote #AU# to perform service disruption.

The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer.

Mitigation
Install update from vendor's website.

Vulnerable software versions

libvirt: 0.9.13

External links
https://lists.opensuse.org/opensuse-updates/2012-08/msg00023.html
https://rhn.redhat.com/errata/RHSA-2012-1202.html
https://secunia.com/advisories/50118
https://secunia.com/advisories/50299
https://secunia.com/advisories/50372
https://www.openwall.com/lists/oss-security/2012/07/31/4
https://www.openwall.com/lists/oss-security/2012/07/31/7
https://www.securityfocus.com/bid/54748
https://bugzilla.redhat.com/show_bug.cgi?id=844734
https://www.redhat.com/archives/libvir-list/2012-July/msg01650.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated privileged user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Resource management error in libvirt