Vigil@nce - libvirtd: NULL pointer dereference via qemuDomainBlockStats
January 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can dereference a NULL pointer in qemuDomainBlockStats
of libvirtd, in order to trigger a denial of service.
Impacted products: Unix (platform)
Severity: 1/4
Creation date: 09/01/2014
DESCRIPTION OF THE VULNERABILITY
The libvirt library provides a standard interface on several
virtualization products (Xen, QEMU, KVM, etc.).
The qemuDomainBlockStats() function of the qemu/qemu_driver.c file
obtains information on a disk. However, it does not check if a
pointer is NULL, before using it.
An attacker can therefore dereference a NULL pointer in the
qemuDomainBlockStats() function of libvirtd, in order to trigger a
denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/libvirtd-NULL-pointer-dereference-via-qemuDomainBlockStats-14047