VDB

GCVE-110-MAGEIA-2014-401

GCVE-110-MAGEIA-2014-401
Advisory Published
Vulnetix · Advisory published October 7, 2014
Updated libvirt packages fix security vulnerabilities: An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent (live) disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process (CVE-2014-3633). A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive (CVE-2014-3657).

Affected Products

VendorProductVersionsPlatforms
Mageialibvirt0 (affected), 1.0.2-8.6.mga3 (unaffected)
Mageialibvirt1.2.1-1.2.mga4 (unaffected), 0 (affected)

Browse GCVE Records

73,442 records in the GCVE database · Updated July 17, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›