The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.
References
Link | Resource |
---|---|
http://www.openwall.com/lists/oss-security/2016/05/24/5 | Mailing List |
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html | Third Party Advisory |
http://www.securitytracker.com/id/1035945 | Third Party Advisory VDB Entry |
http://xenbits.xen.org/xsa/advisory-180.html | Vendor Advisory |
https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=0d968ad715475a1660779bcdd2c5b38ad63db4cf | |
https://libvirt.org/news-2015.html | Release Notes Vendor Advisory |
http://www.openwall.com/lists/oss-security/2016/05/24/5 | Mailing List |
http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html | Third Party Advisory |
http://www.securitytracker.com/id/1035945 | Third Party Advisory VDB Entry |
http://xenbits.xen.org/xsa/advisory-180.html | Vendor Advisory |
https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=0d968ad715475a1660779bcdd2c5b38ad63db4cf | |
https://libvirt.org/news-2015.html | Release Notes Vendor Advisory |
Configurations
History
21 Nov 2024, 02:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.openwall.com/lists/oss-security/2016/05/24/5 - Mailing List | |
References | () http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html - Third Party Advisory | |
References | () http://www.securitytracker.com/id/1035945 - Third Party Advisory, VDB Entry | |
References | () http://xenbits.xen.org/xsa/advisory-180.html - Vendor Advisory | |
References | () https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=0d968ad715475a1660779bcdd2c5b38ad63db4cf - | |
References | () https://libvirt.org/news-2015.html - Release Notes, Vendor Advisory |
Information
Published : 2016-05-25 15:59
Updated : 2024-11-21 02:08
NVD link : CVE-2014-3672
Mitre link : CVE-2014-3672
CVE.ORG link : CVE-2014-3672
JSON object : View
Products Affected
xen
- xen
redhat
- libvirt
CWE
CWE-400
Uncontrolled Resource Consumption