Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-8131


Vulnerability Score 4.0 4.0
CVE Id CVE-2014-8131
Last Modified 06 Jan 2015 01:57:12
Published 06 Jan 2015 10:59:04
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication SINGLE_INSTANCE



The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.

Vulnerable Systems


  • Redhat Libvirt 1.2.10



SUSE - openSUSE-SU-2015:0008

Last Updated: 27 May 2016 11:07:26