{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-09-12T00:00:00", "descriptions": [{"lang": "en", "value": "The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a \"gap\" in the RPC dispatch table."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2013-01-29T10:00:00", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"}, {"name": "FEDORA-2012-15640", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"}, {"name": "FEDORA-2012-15634", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"}, {"name": "openSUSE-SU-2013:0274", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"}, {"name": "1027649", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027649"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"}, {"name": "[libvirt] 20120912 [PATCH] Fix libvirtd crash possibility", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"}, {"name": "55541", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/55541"}, {"name": "RHSA-2012:1359", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"}, {"name": "USN-1708-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-1708-1"}, {"name": "[oss-security] 20120913 Re: CVE Request -- libvirt: null function pointer invocation in virNetServerProgramDispatchCall()", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T20:35:09.551Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"}, {"name": "FEDORA-2012-15640", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"}, {"name": "FEDORA-2012-15634", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"}, {"name": "openSUSE-SU-2013:0274", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"}, {"name": "1027649", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027649"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"}, {"name": "[libvirt] 20120912 [PATCH] Fix libvirtd crash possibility", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"}, {"name": "55541", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/55541"}, {"name": "RHSA-2012:1359", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"}, {"name": "USN-1708-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-1708-1"}, {"name": "[oss-security] 20120913 Re: CVE Request -- libvirt: null function pointer invocation in virNetServerProgramDispatchCall()", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-4423", "datePublished": "2012-11-19T11:00:00", "dateReserved": "2012-08-21T00:00:00", "dateUpdated": "2024-08-06T20:35:09.551Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*", "matchCriteriaId": "B436D1F7-1C63-43A1-98E7-3E9D07E8EB4B", "versionEndIncluding": "0.10.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "4AFF5EF5-280A-499B-BD63-361EDC49A923", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.2:*:*:*:*:*:*:*", "matchCriteriaId": "C2A0DD5B-AFDD-4DA4-B19C-2CA73FA9B477", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.3:*:*:*:*:*:*:*", "matchCriteriaId": "DE616C79-74E0-4876-83D7-BE04CB954F92", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.4:*:*:*:*:*:*:*", "matchCriteriaId": "87FF4782-A017-4D6F-9588-BE0AD4AA04E1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.5:*:*:*:*:*:*:*", "matchCriteriaId": "4B7FDA56-4C79-4D79-9EDA-8A936C7D8DE9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.0.6:*:*:*:*:*:*:*", "matchCriteriaId": "FF62226E-E4FE-4AF5-86A2-344148158A22", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "C540F8A3-E12A-403B-81D2-CDB28DE03E47", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "A0900588-EBF9-4459-B1D7-588B72E40689", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "FE650A9D-D12D-43C5-B276-B3116CF096F0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "359F1970-822B-4430-86EB-15091B2B4338", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "D08DB661-40DF-4234-9F6B-2EE0746FAC8F", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.6:*:*:*:*:*:*:*", "matchCriteriaId": "E86D1293-6881-4F9D-B245-E16040921DF1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.7:*:*:*:*:*:*:*", "matchCriteriaId": "C49F1101-0845-478F-BEA1-67185A763D37", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.8:*:*:*:*:*:*:*", "matchCriteriaId": "4F1FDF3E-87F8-4CBF-99F8-DBB03C7D2318", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.1.9:*:*:*:*:*:*:*", "matchCriteriaId": "DA319732-E860-459E-9C20-ED31D90510DE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "06B16020-5330-4F99-8DD3-8B4037E22CFB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "9BCA6D83-281F-4B28-9CB2-253614017B5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "FEBBD0C7-F9D3-48D4-8D76-1FAFFB049300", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "C97CB42C-C89F-4BE6-80AC-A020EBF369FA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "FCC2F2D6-90E3-4306-A29A-0A507BDF889C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "AB533B81-AFF3-442E-A499-555F2181F64D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "53AD34A3-9097-4375-BB30-CAED13987396", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.3.3:*:*:*:*:*:*:*", "matchCriteriaId": "80E37E3B-18A8-4D34-9400-2C18D0DBAAAA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "36EAE07C-284D-4BEB-ABDF-28C157B3B90B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.1:*:*:*:*:*:*:*", "matchCriteriaId": "E28C5275-39D4-4C7C-A064-70161FE35802", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.2:*:*:*:*:*:*:*", "matchCriteriaId": "643D7C4C-6BD9-49CE-A7FD-819300CA955C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.3:*:*:*:*:*:*:*", "matchCriteriaId": "77476F3F-A914-4EC6-9488-189BD9E1AE6A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.4:*:*:*:*:*:*:*", "matchCriteriaId": "B22C7B3D-169D-45CC-B1C1-9864991B3E05", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.5:*:*:*:*:*:*:*", "matchCriteriaId": "3D6D1F10-2908-42E0-8D8F-1FBBC804505D", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.4.6:*:*:*:*:*:*:*", "matchCriteriaId": "FC9ABBF2-B1AD-446A-A3D2-E103D1B411A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "450BD95B-5CE1-49E7-B6DB-6C14D9115CC1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "508578FC-BDC7-4B44-9F98-BD6CD657F57B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.0:*:*:*:*:*:*:*", "matchCriteriaId": "FD25F37B-C666-4EDB-AD77-CCE04A800348", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.1:*:*:*:*:*:*:*", "matchCriteriaId": "B8903EA9-D354-4C9E-B308-653689534AFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.2:*:*:*:*:*:*:*", "matchCriteriaId": "F811BE37-6F53-4663-819F-E954787C345B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.3:*:*:*:*:*:*:*", "matchCriteriaId": "2886A659-24BD-483B-8FCD-5BC21573EE42", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.4:*:*:*:*:*:*:*", "matchCriteriaId": "65FD148D-0088-47D5-AAC1-E0E990F9D170", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.6.5:*:*:*:*:*:*:*", "matchCriteriaId": "84613074-CFA0-4C0B-B896-0751F652EA71", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "2BCCF73F-8542-4955-ACD6-44F199D49CB3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "05C7EF0F-C069-424A-9B3F-D07C72450ADA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "5F25DF6A-34D5-4D5B-AFAF-7A21202460EC", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B67C29ED-2975-47F0-AE75-875A380ECC56", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.4:*:*:*:*:*:*:*", "matchCriteriaId": "EC90B806-1FB3-434E-A664-2842AD3BA9CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.5:*:*:*:*:*:*:*", "matchCriteriaId": "8DCDC5B5-1DD4-4FF4-8AB4-D38F5418B873", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.6:*:*:*:*:*:*:*", "matchCriteriaId": "0054B43A-F844-47C8-B03A-01696117B7E7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.7.7:*:*:*:*:*:*:*", "matchCriteriaId": "A5C78A50-0F41-405C-9ABA-EE088D0ABE60", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.0:*:*:*:*:*:*:*", "matchCriteriaId": "8322F4E2-0AD0-497B-871E-233C0E0F1490", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.1:*:*:*:*:*:*:*", "matchCriteriaId": "E41CEF32-4998-41D5-B971-12E7F4E39FB9", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.2:*:*:*:*:*:*:*", "matchCriteriaId": "E43FD74C-5986-4E9E-9C4F-9891133084A7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.3:*:*:*:*:*:*:*", "matchCriteriaId": "8D504B27-7BD0-4CB1-B8CA-76B7C537A4C3", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.4:*:*:*:*:*:*:*", "matchCriteriaId": "CBFD9B43-52BA-4FF9-84A1-369B1A96A166", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.5:*:*:*:*:*:*:*", "matchCriteriaId": "10EE76EF-44D3-4645-B1E7-5BCFB4CB4204", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.6:*:*:*:*:*:*:*", "matchCriteriaId": "934215BC-33D1-453F-B49B-23B52E580214", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.7:*:*:*:*:*:*:*", "matchCriteriaId": "F274792B-F190-4A23-A551-6B07EA4028B1", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.8.8:*:*:*:*:*:*:*", "matchCriteriaId": "F9D67FBC-4009-4FC1-B0CF-AA3C1505C2F4", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2059834-5A26-4DB9-B400-DBBE15690AAB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.1:*:*:*:*:*:*:*", "matchCriteriaId": "F2F6277D-6732-44BA-91B4-D57877E011BD", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.2:*:*:*:*:*:*:*", "matchCriteriaId": "2553A171-A830-4540-8CC6-51275F72AAEB", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.3:*:*:*:*:*:*:*", "matchCriteriaId": "61C2C484-7AAB-475C-A44E-6D9DCF597DD8", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.4:*:*:*:*:*:*:*", "matchCriteriaId": "04A75CCF-28E1-44CC-962C-C56A4F64B370", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.5:*:*:*:*:*:*:*", "matchCriteriaId": "B0E8A1AF-740A-454C-8019-B52654589603", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.6:*:*:*:*:*:*:*", "matchCriteriaId": "F040825C-C457-40A1-A04C-F362289E13F7", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.7:*:*:*:*:*:*:*", "matchCriteriaId": "3327FB7D-92DB-479F-BF1C-2565C8F1B25C", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.8:*:*:*:*:*:*:*", "matchCriteriaId": "48F55C0A-3E6E-4E24-81D7-F023728E486A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.9:*:*:*:*:*:*:*", "matchCriteriaId": "ACB7C00E-DF4E-40AF-A503-202A2FE03D5E", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.10:*:*:*:*:*:*:*", "matchCriteriaId": "6AB4E8A8-2B6C-4287-937B-C67A97EAB67A", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.11:*:*:*:*:*:*:*", "matchCriteriaId": "53C3F149-D917-4BB6-B264-F316DD96D2B0", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.12:*:*:*:*:*:*:*", "matchCriteriaId": "78C18997-7086-4BB0-8490-EDB5394951F6", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.9.13:*:*:*:*:*:*:*", "matchCriteriaId": "37F280ED-37E3-4AB5-9BF1-AC935D904503", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:libvirt:0.10.0:*:*:*:*:*:*:*", "matchCriteriaId": "0AC1F6BC-AB75-45F7-B846-D8900A0C690A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a \"gap\" in the RPC dispatch table."}, {"lang": "es", "value": "La funci\u00f3n virNetServerProgramDispatchCall en libvirt antes de v0.10.2 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (desreferencia puntero NULL y fallo de segmentaci\u00f3n) a trav\u00e9s de una llamada RPC con (1) un evento como el n\u00famero RPC o (2) un n\u00famero RPC cuyo valor es en un \"hueco\" en la tabla RPC."}], "id": "CVE-2012-4423", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-19T12:10:52.040", "references": [{"source": "secalert@redhat.com", "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"}, {"source": "secalert@redhat.com", "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/55541"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1027649"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-1708-1"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"}, {"source": "secalert@redhat.com", "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=b7ff9e696063189a715802d081d55a398663c15a"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=f8fbeb50d52520a109d71c8566fed2ea600650ec"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/089976.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2012-October/090121.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00001.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://rhn.redhat.com/errata/RHSA-2012-1359.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/09/13/14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/55541"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027649"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.ubuntu.com/usn/USN-1708-1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://www.redhat.com/archives/libvir-list/2012-September/msg00843.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Wenlong Huang (Red Hat Virtualization QE Team).", "affected_release": [{"advisory": "RHSA-2012:1359", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "libvirt-0:0.9.10-21.el6_3.5", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2012-10-11T00:00:00Z"}], "bugzilla": {"description": "libvirt: null function pointer invocation in virNetServerProgramDispatchCall()", "id": "857133", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=857133"}, "csaw": false, "cvss": {"cvss_base_score": "3.3", "cvss_scoring_vector": "AV:A/AC:L/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a \"gap\" in the RPC dispatch table."], "name": "CVE-2012-4423", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "libvirt", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2012-07-24T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2012-4423\nhttps://nvd.nist.gov/vuln/detail/CVE-2012-4423"], "statement": "The versions of libvirt as shipped with Red Hat Enterprise Linux 5 are not affected.\nThis issue did affect the versions of the libvirt package as shipped with Red Hat Enterprise Linux 6.", "threat_severity": "Moderate"}