CVE-2011-2511
Severity CVSS v4.0:
Pending analysis
Type:
CWE-189
Numeric Errors
Publication date:
10/08/2011
Last modified:
13/02/2023
Description
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
Impact
Base Score 2.0
4.00
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:* | 0.9.2 (including) | |
cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:* | ||
cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://libvirt.org/news.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062515.html
- http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062855.html
- http://secunia.com/advisories/45375
- http://secunia.com/advisories/45441
- http://secunia.com/advisories/45446
- http://www.debian.org/security/2011/dsa-2280
- http://www.openwall.com/lists/oss-security/2011/06/28/9
- http://www.redhat.com/support/errata/RHSA-2011-1019.html
- http://www.redhat.com/support/errata/RHSA-2011-1197.html
- http://www.securitytracker.com/id?1025822=
- http://www.ubuntu.com/usn/USN-1180-1
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68271
- https://hermes.opensuse.org/messages/10027908
- https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html