1 |
boklm |
10 |
ID: MGASA-2013-0166 |
2 |
|
|
pubtime: 1370521473 |
3 |
|
|
type: security |
4 |
|
|
src: |
5 |
|
|
3: |
6 |
|
|
core: |
7 |
davidwhodgins |
13017 |
- libvirt-1.0.2-8.1.mga3 |
8 |
boklm |
10 |
CVE: |
9 |
|
|
- CVE-2013-1962 |
10 |
|
|
subject: Updated libvirt packages fix security vulnerability |
11 |
|
|
description: | |
12 |
|
|
It was found that libvirtd leaked file descriptors when listing all volumes |
13 |
|
|
for a particular pool. A remote attacker able to establish a read-only |
14 |
|
|
connection to libvirtd could use this flaw to cause libvirtd to consume all |
15 |
|
|
available file descriptors, preventing other users from using libvirtd |
16 |
|
|
services (such as starting a new guest) until libvirtd is restarted |
17 |
|
|
(CVE-2013-1962). |
18 |
|
|
references: |
19 |
|
|
- https://rhn.redhat.com/errata/RHSA-2013-0831.html |
20 |
|
|
- https://bugs.mageia.org/show_bug.cgi?id=10345 |