CVE-2014-8136

NONE EPSS 31.3%
Published Dec 19, 201411y ago · Modified Jun 17, 20262w ago
Find Similar
Published Dec 19, 2014 11y ago
Last Modified Jun 17, 2026 2w ago

Description

The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.

Threat Intelligence

EPSS Exploit Probability
31.3% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Weaknesses 1

CWE-264

Affected Products 12

VendorProductVersionRange
mageiamageia4.0any
redhatlibvirt*any
canonicalubuntu_linux12.04any
canonicalubuntu_linux14.04any
canonicalubuntu_linux15.04any
canonicalubuntu_linux15.10any
opensuseopensuse13.1any
opensuseopensuse13.2any
redhatenterprise_linux_desktop7.0any
redhatenterprise_linux_hpc_node7.0any
redhatenterprise_linux_server7.0any
redhatenterprise_linux_workstation7.0any

References 9

  • advisories.mageia.org http://advisories.mageia.org/MGASA-2015-0002.html
    Third Party Advisory
  • libvirt.org http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=2bdcd29c713dfedd813c89f56ae98f6f3898313d
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-01/msg00003.html
    Third Party Advisory
  • lists.opensuse.org http://lists.opensuse.org/opensuse-updates/2015-01/msg00005.html
    Third Party Advisory
  • rhn.redhat.com http://rhn.redhat.com/errata/RHSA-2015-0323.html
    Third Party Advisory
  • secunia.com http://secunia.com/advisories/61111
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2015:023
    Broken Link
  • mandriva.com http://www.mandriva.com/security/advisories?name=MDVSA-2015:070
    Broken Link
  • ubuntu.com http://www.ubuntu.com/usn/USN-2867-1
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.