fkie_nvd - fkie_cve-2012-4423

FKIE_CVE-2012-4423

Vulnerability from fkie_nvd - Published: 2012-11-19 12:10 - Updated: 2025-04-11 00:51

Severity ?

Summary

The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table.

References

	URL	Tags
	secalert@redhat.com	http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a
	secalert@redhat.com	http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html
	secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html
	secalert@redhat.com	http://rhn.redhat.com/errata/RHSA-2012-1359.html
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2012/09/13/14
	secalert@redhat.com	http://www.securityfocus.com/bid/55541
	secalert@redhat.com	http://www.securitytracker.com/id?1027649
	secalert@redhat.com	http://www.ubuntu.com/usn/USN-1708-1
	secalert@redhat.com	https://bugzilla.redhat.com/show_bug.cgi?id=857133
	secalert@redhat.com	https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html
	af854a3a-2127-422b-91ae-364da2661108	http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a
	af854a3a-2127-422b-91ae-364da2661108	http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html
	af854a3a-2127-422b-91ae-364da2661108	http://rhn.redhat.com/errata/RHSA-2012-1359.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2012/09/13/14
	af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/55541
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1027649
	af854a3a-2127-422b-91ae-364da2661108	http://www.ubuntu.com/usn/USN-1708-1
	af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=857133
	af854a3a-2127-422b-91ae-364da2661108	https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html

Impacted products

Vendor	Product	Version
redhat	libvirt	*
redhat	libvirt	0.0.1
redhat	libvirt	0.0.2
redhat	libvirt	0.0.3
redhat	libvirt	0.0.4
redhat	libvirt	0.0.5
redhat	libvirt	0.0.6
redhat	libvirt	0.1.0
redhat	libvirt	0.1.1
redhat	libvirt	0.1.3
redhat	libvirt	0.1.4
redhat	libvirt	0.1.5
redhat	libvirt	0.1.6
redhat	libvirt	0.1.7
redhat	libvirt	0.1.8
redhat	libvirt	0.1.9
redhat	libvirt	0.2.0
redhat	libvirt	0.2.1
redhat	libvirt	0.2.2
redhat	libvirt	0.2.3
redhat	libvirt	0.3.0
redhat	libvirt	0.3.1
redhat	libvirt	0.3.2
redhat	libvirt	0.3.3
redhat	libvirt	0.4.0
redhat	libvirt	0.4.1
redhat	libvirt	0.4.2
redhat	libvirt	0.4.3
redhat	libvirt	0.4.4
redhat	libvirt	0.4.5
redhat	libvirt	0.4.6
redhat	libvirt	0.5.0
redhat	libvirt	0.5.1
redhat	libvirt	0.6.0
redhat	libvirt	0.6.1
redhat	libvirt	0.6.2
redhat	libvirt	0.6.3
redhat	libvirt	0.6.4
redhat	libvirt	0.6.5
redhat	libvirt	0.7.0
redhat	libvirt	0.7.1
redhat	libvirt	0.7.2
redhat	libvirt	0.7.3
redhat	libvirt	0.7.4
redhat	libvirt	0.7.5
redhat	libvirt	0.7.6
redhat	libvirt	0.7.7
redhat	libvirt	0.8.0
redhat	libvirt	0.8.1
redhat	libvirt	0.8.2
redhat	libvirt	0.8.3
redhat	libvirt	0.8.4
redhat	libvirt	0.8.5
redhat	libvirt	0.8.6
redhat	libvirt	0.8.7
redhat	libvirt	0.8.8
redhat	libvirt	0.9.0
redhat	libvirt	0.9.1
redhat	libvirt	0.9.2
redhat	libvirt	0.9.3
redhat	libvirt	0.9.4
redhat	libvirt	0.9.5
redhat	libvirt	0.9.6
redhat	libvirt	0.9.7
redhat	libvirt	0.9.8
redhat	libvirt	0.9.9
redhat	libvirt	0.9.10
redhat	libvirt	0.9.11
redhat	libvirt	0.9.12
redhat	libvirt	0.9.13
redhat	libvirt	0.10.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B436D1F7-1C63-43A1-98E7-3E9D07E8EB4B",
              "versionEndIncluding": "0.10.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4AFF5EF5-280A-499B-BD63-361EDC49A923",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2A0DD5B-AFDD-4DA4-B19C-2CA73FA9B477",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE616C79-74E0-4876-83D7-BE04CB954F92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "87FF4782-A017-4D6F-9588-BE0AD4AA04E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B7FDA56-4C79-4D79-9EDA-8A936C7D8DE9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF62226E-E4FE-4AF5-86A2-344148158A22",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C540F8A3-E12A-403B-81D2-CDB28DE03E47",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0900588-EBF9-4459-B1D7-588B72E40689",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "FE650A9D-D12D-43C5-B276-B3116CF096F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "359F1970-822B-4430-86EB-15091B2B4338",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "D08DB661-40DF-4234-9F6B-2EE0746FAC8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "E86D1293-6881-4F9D-B245-E16040921DF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C49F1101-0845-478F-BEA1-67185A763D37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F1FDF3E-87F8-4CBF-99F8-DBB03C7D2318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.1.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "DA319732-E860-459E-9C20-ED31D90510DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B16020-5330-4F99-8DD3-8B4037E22CFB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BCA6D83-281F-4B28-9CB2-253614017B5B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FEBBD0C7-F9D3-48D4-8D76-1FAFFB049300",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "C97CB42C-C89F-4BE6-80AC-A020EBF369FA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FCC2F2D6-90E3-4306-A29A-0A507BDF889C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB533B81-AFF3-442E-A499-555F2181F64D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "53AD34A3-9097-4375-BB30-CAED13987396",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80E37E3B-18A8-4D34-9400-2C18D0DBAAAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "36EAE07C-284D-4BEB-ABDF-28C157B3B90B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E28C5275-39D4-4C7C-A064-70161FE35802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "643D7C4C-6BD9-49CE-A7FD-819300CA955C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "77476F3F-A914-4EC6-9488-189BD9E1AE6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "B22C7B3D-169D-45CC-B1C1-9864991B3E05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D6D1F10-2908-42E0-8D8F-1FBBC804505D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC9ABBF2-B1AD-446A-A3D2-E103D1B411A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "450BD95B-5CE1-49E7-B6DB-6C14D9115CC1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "508578FC-BDC7-4B44-9F98-BD6CD657F57B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FD25F37B-C666-4EDB-AD77-CCE04A800348",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8903EA9-D354-4C9E-B308-653689534AFE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "F811BE37-6F53-4663-819F-E954787C345B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "2886A659-24BD-483B-8FCD-5BC21573EE42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "65FD148D-0088-47D5-AAC1-E0E990F9D170",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.6.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "84613074-CFA0-4C0B-B896-0751F652EA71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BCCF73F-8542-4955-ACD6-44F199D49CB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05C7EF0F-C069-424A-9B3F-D07C72450ADA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F25DF6A-34D5-4D5B-AFAF-7A21202460EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "B67C29ED-2975-47F0-AE75-875A380ECC56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC90B806-1FB3-434E-A664-2842AD3BA9CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DCDC5B5-1DD4-4FF4-8AB4-D38F5418B873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "0054B43A-F844-47C8-B03A-01696117B7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5C78A50-0F41-405C-9ABA-EE088D0ABE60",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8322F4E2-0AD0-497B-871E-233C0E0F1490",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "E41CEF32-4998-41D5-B971-12E7F4E39FB9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "E43FD74C-5986-4E9E-9C4F-9891133084A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "8D504B27-7BD0-4CB1-B8CA-76B7C537A4C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CBFD9B43-52BA-4FF9-84A1-369B1A96A166",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "10EE76EF-44D3-4645-B1E7-5BCFB4CB4204",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "934215BC-33D1-453F-B49B-23B52E580214",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "F274792B-F190-4A23-A551-6B07EA4028B1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F9D67FBC-4009-4FC1-B0CF-AA3C1505C2F4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E2059834-5A26-4DB9-B400-DBBE15690AAB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2F6277D-6732-44BA-91B4-D57877E011BD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2553A171-A830-4540-8CC6-51275F72AAEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "61C2C484-7AAB-475C-A44E-6D9DCF597DD8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A75CCF-28E1-44CC-962C-C56A4F64B370",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "B0E8A1AF-740A-454C-8019-B52654589603",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "F040825C-C457-40A1-A04C-F362289E13F7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "3327FB7D-92DB-479F-BF1C-2565C8F1B25C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "48F55C0A-3E6E-4E24-81D7-F023728E486A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "ACB7C00E-DF4E-40AF-A503-202A2FE03D5E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "6AB4E8A8-2B6C-4287-937B-C67A97EAB67A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "53C3F149-D917-4BB6-B264-F316DD96D2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "78C18997-7086-4BB0-8490-EDB5394951F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.9.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "37F280ED-37E3-4AB5-9BF1-AC935D904503",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:libvirt:0.10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0AC1F6BC-AB75-45F7-B846-D8900A0C690A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a \"gap\" in the RPC dispatch table."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n virNetServerProgramDispatchCall en libvirt antes de v0.10.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia puntero NULL y fallo de segmentaci\u00f3n) a trav\u00e9s de una llamada RPC con (1) un evento como el n\u00famero RPC o (2) un n\u00famero RPC cuyo valor es en un \"hueco\" en la tabla RPC."
    }
  ],
  "id": "CVE-2012-4423",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-11-19T12:10:52.040",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/55541"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id?1027649"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-1708-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/55541"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1027649"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-1708-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2012-4423 (GCVE-0-2012-4423)

Vulnerability from cvelistv5 – Published: 2012-11-19 11:00 – Updated: 2024-08-06 20:35

Summary

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

Tags

	http://libvirt.org/git/?p=libvirt.git%3Ba=commitd…	x_refsource_CONFIRM
	http://libvirt.org/git/?p=libvirt.git%3Ba=commit%…	x_refsource_CONFIRM
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://lists.fedoraproject.org/pipermail/package-…	vendor-advisoryx_refsource_FEDORA
	http://lists.opensuse.org/opensuse-security-annou…	vendor-advisoryx_refsource_SUSE
	http://www.securitytracker.com/id?1027649	vdb-entryx_refsource_SECTRACK
	https://bugzilla.redhat.com/show_bug.cgi?id=857133	x_refsource_MISC
	https://www.redhat.com/archives/libvir-list/2012-…	mailing-listx_refsource_MLIST
	http://www.securityfocus.com/bid/55541	vdb-entryx_refsource_BID
	http://rhn.redhat.com/errata/RHSA-2012-1359.html	vendor-advisoryx_refsource_REDHAT
	http://www.ubuntu.com/usn/USN-1708-1	vendor-advisoryx_refsource_UBUNTU
	http://www.openwall.com/lists/oss-security/2012/0…	mailing-listx_refsource_MLIST

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:35:09.551Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"
          },
          {
            "name": "FEDORA-2012-15640",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"
          },
          {
            "name": "FEDORA-2012-15634",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"
          },
          {
            "name": "openSUSE-SU-2013:0274",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"
          },
          {
            "name": "1027649",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1027649"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"
          },
          {
            "name": "[libvirt] 20120912 [PATCH] Fix libvirtd crash possibility",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"
          },
          {
            "name": "55541",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/55541"
          },
          {
            "name": "RHSA-2012:1359",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"
          },
          {
            "name": "USN-1708-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1708-1"
          },
          {
            "name": "[oss-security] 20120913 Re: CVE Request -- libvirt: null function pointer  invocation in virNetServerProgramDispatchCall()",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-09-12T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a \"gap\" in the RPC dispatch table."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2013-01-29T10:00:00",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"
        },
        {
          "name": "FEDORA-2012-15640",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"
        },
        {
          "name": "FEDORA-2012-15634",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"
        },
        {
          "name": "openSUSE-SU-2013:0274",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"
        },
        {
          "name": "1027649",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1027649"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"
        },
        {
          "name": "[libvirt] 20120912 [PATCH] Fix libvirtd crash possibility",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"
        },
        {
          "name": "55541",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/55541"
        },
        {
          "name": "RHSA-2012:1359",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"
        },
        {
          "name": "USN-1708-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1708-1"
        },
        {
          "name": "[oss-security] 20120913 Re: CVE Request -- libvirt: null function pointer  invocation in virNetServerProgramDispatchCall()",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2012-4423",
    "datePublished": "2012-11-19T11:00:00",
    "dateReserved": "2012-08-21T00:00:00",
    "dateUpdated": "2024-08-06T20:35:09.551Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2012-4423

CVE-2012-4423 (GCVE-0-2012-4423)

Tags

Sightings

Nomenclature