| 1 |
ID: MGASA-2013-0166 |
| 2 |
pubtime: 1370521473 |
| 3 |
type: security |
| 4 |
src: |
| 5 |
3: |
| 6 |
core: |
| 7 |
- libvirt-1.0.2-8.1.mga3 |
| 8 |
CVE: |
| 9 |
- CVE-2013-1962 |
| 10 |
subject: Updated libvirt packages fix security vulnerability |
| 11 |
description: | |
| 12 |
It was found that libvirtd leaked file descriptors when listing all volumes |
| 13 |
for a particular pool. A remote attacker able to establish a read-only |
| 14 |
connection to libvirtd could use this flaw to cause libvirtd to consume all |
| 15 |
available file descriptors, preventing other users from using libvirtd |
| 16 |
services (such as starting a new guest) until libvirtd is restarted |
| 17 |
(CVE-2013-1962). |
| 18 |
references: |
| 19 |
- https://rhn.redhat.com/errata/RHSA-2013-0831.html |
| 20 |
- https://bugs.mageia.org/show_bug.cgi?id=10345 |
Parent Directory
| 
Revision Log