1 |
ID: MGASA-2013-0166 |
2 |
pubtime: 1370521473 |
3 |
type: security |
4 |
src: |
5 |
3: |
6 |
core: |
7 |
- libvirt-1.0.2-8.1.mga3 |
8 |
CVE: |
9 |
- CVE-2013-1962 |
10 |
subject: Updated libvirt packages fix security vulnerability |
11 |
description: | |
12 |
It was found that libvirtd leaked file descriptors when listing all volumes |
13 |
for a particular pool. A remote attacker able to establish a read-only |
14 |
connection to libvirtd could use this flaw to cause libvirtd to consume all |
15 |
available file descriptors, preventing other users from using libvirtd |
16 |
services (such as starting a new guest) until libvirtd is restarted |
17 |
(CVE-2013-1962). |
18 |
references: |
19 |
- https://rhn.redhat.com/errata/RHSA-2013-0831.html |
20 |
- https://bugs.mageia.org/show_bug.cgi?id=10345 |