CVE-2013-6458

N/A Unknown
Published: January 24, 2014 Modified: April 29, 2026
View on NVD

Description

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://libvirt.org/news.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
Source: secalert@redhat.com
http://lists.opensuse.org/opensuse-updates/2014-02/msg00062.html
Source: secalert@redhat.com
http://rhn.redhat.com/errata/RHSA-2014-0103.html
Source: secalert@redhat.com
http://secunia.com/advisories/56186
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/56446
Source: secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/60895
Source: secalert@redhat.com
http://security.gentoo.org/glsa/glsa-201412-04.xml
Source: secalert@redhat.com
http://www.debian.org/security/2014/dsa-2846
Source: secalert@redhat.com
http://www.ubuntu.com/usn/USN-2093-1
Source: secalert@redhat.com
https://bugzilla.redhat.com/show_bug.cgi?id=1043069
Source: secalert@redhat.com
Vendor Advisory
http://libvirt.org/news.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-updates/2014-02/msg00060.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://lists.opensuse.org/opensuse-updates/2014-02/msg00062.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://rhn.redhat.com/errata/RHSA-2014-0103.html
Source: af854a3a-2127-422b-91ae-364da2661108
http://secunia.com/advisories/56186
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/56446
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/60895
Source: af854a3a-2127-422b-91ae-364da2661108
http://security.gentoo.org/glsa/glsa-201412-04.xml
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.debian.org/security/2014/dsa-2846
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.ubuntu.com/usn/USN-2093-1
Source: af854a3a-2127-422b-91ae-364da2661108
https://bugzilla.redhat.com/show_bug.cgi?id=1043069
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory

22 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
0.9%
76th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-362

Affected Vendors

redhat

Related CVEs

CVE-2026-41971 5.5
CVE-2026-41970 6.8
CVE-2026-41969 6.2
CVE-2026-41968 5.9
CVE-2026-41967 5.9