CVE-2014-8136 Information

Feb 14, 2021 cve

Description

The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails which allow local users to cause a denial of service via unspecified vectors.

Reference

http://advisories.mageia.org/MGASA-2015-0002.html http://libvirt.org/git/?p=libvirt.git;a=commit;h=2bdcd29c713dfedd813c89f56ae98f6f3898313d http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html http://rhn.redhat.com/errata/RHSA-2015-0323.html http://secunia.com/advisories/61111 http://www.mandriva.com/security/advisories?name=MDVSA-2015:023 http://www.mandriva.com/security/advisories?name=MDVSA-2015:070 http://www.ubuntu.com/usn/USN-2867-1

Share on: