Launchpad CVE tracker

CVE 2014-8136

The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.

Related bugs and status

CVE-2014-8136 (Candidate) is related to these bugs:

Bug #1534262: Outdated (vulnerable) libvirt package in MOS 6.0

		In	Importance	Status
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack	High	Fix Released
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack 7.0.x	High	Fix Released
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack 6.1.x	High	Fix Released
1534262	Outdated (vulnerable) libvirt package in MOS 6.0	Mirantis OpenStack 5.1.x	High	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://secunia.com/adv...
MISC: http://www.mandriva.co...
MISC: http://www.mandriva.co...
MISC: http://rhn.redhat.com/...
MISC: http://www.ubuntu.com/...
MISC: http://advisories.mage...
MISC: http://libvirt.org/git...
MISC: http://lists.opensuse....
MISC: http://lists.opensuse....

Launchpad.net

CVE 2014-8136

Related bugs and status

Related bugs

References