CVE-2014-8135

Severity

21%

Complexity

39%

Confidentiality

48%

The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows local users to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted offset value in a "virsh vol-upload" command.

CWE-476: NULL Pointer Dereference

CVSS 2.0 Base Score 2.1. CVSS Attack Vector: local. CVSS Attack Complexity: low. CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P).

Overview

First reported 10 years ago

2014-12-19 15:59:00

Last updated 10 years ago

2015-01-10 02:59:00

Affected Software

Red Hat libvirt

References

http://libvirt.org/git/?p=libvirt.git;a=commit;h=87b9437f8951f9d24f9a85c6bbfff0e54df8c984

Vendor Advisory

openSUSE-SU-2015:0008

61111

http://security.libvirt.org/2014/0009.html

https://bugzilla.redhat.com/show_bug.cgi?id=1087104

Exploit

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.