Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2013-2124

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2013-2124
Last Modified 28 May 2014 12:53:08
Published 27 May 2014 10:55:06
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2013-2124

Summary

Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files.

Vulnerable Systems

Application

  • Libguestfs 1.20.0

  • Libguestfs 1.20.1

  • Libguestfs 1.20.2

  • Libguestfs 1.20.3

  • Libguestfs 1.20.4

  • Libguestfs 1.20.5

  • Libguestfs 1.20.6

  • Libguestfs 1.21.1

  • Libguestfs 1.21.10

  • Libguestfs 1.21.11

  • Libguestfs 1.21.12

  • Libguestfs 1.21.13

  • Libguestfs 1.21.14

  • Libguestfs 1.21.15

  • Libguestfs 1.21.16

  • Libguestfs 1.21.17

  • Libguestfs 1.21.18

  • Libguestfs 1.21.19

  • Libguestfs 1.21.2

  • Libguestfs 1.21.20

  • Libguestfs 1.21.21

  • Libguestfs 1.21.22

  • Libguestfs 1.21.23

  • Libguestfs 1.21.24

  • Libguestfs 1.21.25

  • Libguestfs 1.21.26

  • Libguestfs 1.21.27

  • Libguestfs 1.21.28

  • Libguestfs 1.21.29

  • Libguestfs 1.21.3

  • Libguestfs 1.21.30

  • Libguestfs 1.21.31

  • Libguestfs 1.21.32

  • Libguestfs 1.21.33

  • Libguestfs 1.21.34

  • Libguestfs 1.21.35

  • Libguestfs 1.21.36

  • Libguestfs 1.21.37

  • Libguestfs 1.21.38

  • Libguestfs 1.21.39

  • Libguestfs 1.21.4

  • Libguestfs 1.21.40

  • Libguestfs 1.21.5

  • Libguestfs 1.21.6

  • Libguestfs 1.21.7

  • Libguestfs 1.21.8

  • Libguestfs 1.21.9

  • Libguestfs 1.22.0

  • Libguestfs 1.23.0


References

MLIST - [Libguestfs] 20130528 Re: ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0

MLIST - [Libguestfs] 20130528 ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0

CONFIRM - https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd

XF - libguestfs-cve20132124-inspectfs-dos(85145)

BID - 60205

MLIST - [oss-security] 20130529 Re: Re: CVE Request -- libguestfs (1.20.6 | 1.22.0 | 1.23.0 <= X < 1.22.1 | 1.23.1): Denial of service due to a double-free when inspecting certain guest files / images

OSVDB - 93724


Last Updated: 27 May 2016 11:05:24