Vigil@nce - libvirt: denial of service via virConnectListAllDomains
October 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can lock the virConnectListAllDomains() function of
libvirt, in order to trigger a denial of service.
Impacted products: MBS, RHEL, Unix (platform)
Severity: 1/4
Creation date: 03/10/2014
DESCRIPTION OF THE VULNERABILITY
The libvirt library provides a standard interface on several
virtualization products (Xen, QEMU, KVM, etc.).
The virConnectListAllDomains() function is used to list domains.
However, if it is called with a second parameter set to NULL, it
ends prematurely, and a lock is not freed.
An attacker can therefore lock the virConnectListAllDomains()
function of libvirt, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/libvirt-denial-of-service-via-virConnectListAllDomains-15440