Executive Summary

Informations
Name MDVSA-2014:195 First vendor Publication 2014-10-03
Vendor Mandriva Last vendor Modification 2014-10-03
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:N/A:P)
Cvss Base Score 5.8 Attack Range Network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple vulnerabilities has been discovered and corrected in libvirt:

An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process (CVE-2014-3633).

A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive (CVE-2014-3657).

The updated libvirt packages have been upgraded to the 1.1.3.6 version and patched to resolve these security flaws.

Original Source

Url : http://www.mandriva.com/security/advisories?name=MDVSA-2014:195

CWE : Common Weakness Enumeration

% Id Name
50 % CWE-399 Resource Management Errors
50 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:26810
 
Oval ID: oval:org.mitre.oval:def:26810
Title: ELSA-2014-1352 -- libvirt security and bug fix update
Description: [1.1.1-29.0.1.el7_0.3] - Replace docs/et.png in tarball with blank image [1.1.1-29.el7_0.3] - domain_conf: fix domain deadlock (CVE-2014-3657) [1.1.1-29.el7_0.2] - qemu: split out cpuset.mems setting (rhbz#1135871) - qemu: leave restricting cpuset.mems after initialization (rhbz#1135871) - qemu: blkiotune: Use correct definition when looking up disk (CVE-2014-3633)
Family: unix Class: patch
Reference(s): ELSA-2014-1352
CVE-2014-3633
CVE-2014-3657
Version: 4
Platform(s): Oracle Linux 7
Product(s): libvirt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:26939
 
Oval ID: oval:org.mitre.oval:def:26939
Title: USN-2366-1 -- libvirt vulnerabilities
Description: Several security issues were fixed in libvirt.
Family: unix Class: patch
Reference(s): USN-2366-1
CVE-2014-0179
CVE-2014-5177
CVE-2014-3633
Version: 3
Platform(s): Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): libvirt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27061
 
Oval ID: oval:org.mitre.oval:def:27061
Title: DSA-3038-1 libvirt - security update
Description: Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library.
Family: unix Class: patch
Reference(s): DSA-3038-1
CVE-2014-0179
CVE-2014-3633
Version: 3
Platform(s): Debian GNU/Linux 7.0
Debian GNU/kFreeBSD 7.0
Product(s): libvirt
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:27115
 
Oval ID: oval:org.mitre.oval:def:27115
Title: RHSA-2014:1352: libvirt security and bug fix update (Moderate)
Description: The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process. (CVE-2014-3633) A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive. (CVE-2014-3657) The CVE-2014-3633 issue was discovered by Luyao Huang of Red Hat. This update also fixes the following bug: * Prior to this update, libvirt was setting the cpuset.mems parameter for domains with numatune/memory[nodeset] prior to starting them. As a consequence, domains with such a nodeset, which excluded the NUMA node with DMA and DMA32 zones (found in /proc/zoneinfo), could not be started due to failed KVM initialization. With this update, libvirt sets the cpuset.mems parameter after the initialization, and domains with any nodeset (in /numatune/memory) can be started without an error. (BZ#1135871) All libvirt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, libvirtd will be restarted automatically.
Family: unix Class: patch
Reference(s): RHSA-2014:1352-00
CESA-2014:1352
CVE-2014-3633
CVE-2014-3657
Version: 3
Platform(s): Red Hat Enterprise Linux 7
CentOS Linux 7
Product(s): libvirt
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 43
Os 3

Nessus® Vulnerability Scanner

Date Description
2015-03-30 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-115.nasl - Type : ACT_GATHER_INFO
2014-11-20 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1873.nasl - Type : ACT_GATHER_INFO
2014-11-19 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1873.nasl - Type : ACT_GATHER_INFO
2014-11-12 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2404-1.nasl - Type : ACT_GATHER_INFO
2014-10-15 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-585.nasl - Type : ACT_GATHER_INFO
2014-10-15 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2014-586.nasl - Type : ACT_GATHER_INFO
2014-10-06 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2014-1352.nasl - Type : ACT_GATHER_INFO
2014-10-06 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2014-195.nasl - Type : ACT_GATHER_INFO
2014-10-02 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2014-1352.nasl - Type : ACT_GATHER_INFO
2014-10-01 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-2366-1.nasl - Type : ACT_GATHER_INFO
2014-09-29 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3038.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2014-10-08 13:25:08
  • Multiple Updates
2014-10-07 21:33:15
  • Multiple Updates
2014-10-06 21:32:33
  • Multiple Updates
2014-10-03 13:24:41
  • First insertion