The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2014-10-06T14:00:00
Updated: 2014-11-13T13:57:01
Reserved: 2014-05-14T00:00:00
Link: CVE-2014-3657
JSON object: View
NVD Information
Status : Modified
Published: 2014-10-06T14:55:10.110
Modified: 2023-02-13T00:41:38.657
Link: CVE-2014-3657
JSON object: View
Redhat Information
No data.
CWE