CVE-2013-2124 (GCVE-0-2013-2124)
Vulnerability from cvelistv5
Published
2014-05-27 15:00
Modified
2024-08-06 15:27
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T15:27:40.656Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[oss-security] 20130529 Re: Re: CVE Request -- libguestfs (1.20.6 | 1.22.0 | 1.23.0 \u003c= X \u003c 1.22.1 | 1.23.1): Denial of service due to a double-free when inspecting certain guest files / images",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://seclists.org/oss-sec/2013/q2/431"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd"
},
{
"name": "libguestfs-cve20132124-inspectfs-dos(85145)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85145"
},
{
"name": "[Libguestfs] 20130528 ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-May/msg00079.html"
},
{
"name": "[Libguestfs] 20130528 Re: ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-May/msg00080.html"
},
{
"name": "93724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/93724"
},
{
"name": "60205",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/60205"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2013-05-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "[oss-security] 20130529 Re: Re: CVE Request -- libguestfs (1.20.6 | 1.22.0 | 1.23.0 \u003c= X \u003c 1.22.1 | 1.23.1): Denial of service due to a double-free when inspecting certain guest files / images",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://seclists.org/oss-sec/2013/q2/431"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd"
},
{
"name": "libguestfs-cve20132124-inspectfs-dos(85145)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85145"
},
{
"name": "[Libguestfs] 20130528 ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-May/msg00079.html"
},
{
"name": "[Libguestfs] 20130528 Re: ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://www.redhat.com/archives/libguestfs/2013-May/msg00080.html"
},
{
"name": "93724",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/93724"
},
{
"name": "60205",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/60205"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2013-2124",
"datePublished": "2014-05-27T15:00:00",
"dateReserved": "2013-02-19T00:00:00",
"dateUpdated": "2024-08-06T15:27:40.656Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2013-2124\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2014-05-27T14:55:06.870\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Double free vulnerability in inspect-fs.c in LibguestFS 1.20.x before 1.20.7, 1.21.x, 1.22.0, and 1.23.0 allows remote attackers to cause a denial of service (crash) via empty guest files.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad de doble liberaci\u00f3n en inspect-fs.c en LibguestFS 1.20.x anterior a 1.20.7, 1.21.x, 1.22.0 y 1.23.0 permite a atacantes remotos causar una denegaci\u00f3n de servicio (ca\u00edda) a trav\u00e9s de archivos de invitados vac\u00edos.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:N/A:P\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"662D8743-9FBE-4048-8511-6C9AF4193706\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6CEAA548-615C-4B5B-9E2C-7E65620EEFE6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9825024C-F3AD-4B76-8B43-B6F78DB0B3EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6A1FC10-0A20-4EA6-94D5-34629D059E03\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B688FBA6-1892-4EDC-A049-E90867EC4EEE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ACA9267E-D50E-4AE9-873C-C07797E4B8D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.20.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"02DF3922-A28E-4CFA-9907-2FAED0D72029\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A13F7320-1B55-4814-A098-940D21A462F3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D27A0A05-6482-4B3F-A4A4-B1E0F82885DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D91BEF4-301D-4A74-8C43-697B23B2E8B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A76C10D-BD16-443D-9A7D-8938AAC6552C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A12C8F3-C5B2-43ED-B729-FD51DE870952\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A57EF2D-E4C8-46A7-8889-349091EDE1B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DE39222C-BEAA-428D-A165-44DB34F79F9E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"09A64839-3B75-404C-A48F-3D5784627303\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B126466-0774-43AD-9A16-74B3681AFEF2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B5315942-D14F-4D2A-BDA5-B4885C090784\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5F7DCCBA-7340-49BC-8123-3539AA1B9BAC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"672D8506-6DC4-4E40-8843-FCB22212EBC5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"013A015E-AE93-44AE-991E-034DF06AE079\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AEA156D2-8AB4-477F-A75E-6BAB37361955\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9147F40-98D4-44B3-8FF5-DAB43BC23759\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71EDD82-6320-4A68-9107-0436887BD86B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.17:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5E37E1CF-3969-483C-B68F-8A42E65DB050\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.18:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51693632-CFAB-466C-B0A0-49257871BA0A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.19:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EA5DE95-07D8-4DB2-91CE-C7DE34E0D603\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.20:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3E39349B-5656-4989-96E2-EF0351C582E3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.21:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8B72D9E7-A1D4-4273-A7F1-FECB74D3AFE4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.22:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2B23A55A-9E76-4ED6-8327-2F6362813C8C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.23:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9C4AD1A3-962B-4575-A8A6-BAADB193D352\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.24:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9B1F3731-012A-4323-9000-153105F4B5C0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F71207B8-E4BD-403D-8C0E-01E57179A3F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.26:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"16F95FE6-A5A2-4F96-8AAE-A478E0C5E2B2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.27:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"96C11574-11A3-408F-B84F-AC9D6C3A7D37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.28:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01AFC167-0E2E-4EA7-B7E6-DFBB947EEE28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.29:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"44D1FD90-C5CD-454E-A233-D979E118F20B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39F723F4-5261-4BEE-BDD7-5E8B86E220EC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0EFFBA88-0803-4FA1-B94E-98EA4542071E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"34208517-5E4C-42BA-9D85-76DC55FD10BE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E7E9392B-178B-41DF-B7EA-146DF22301B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.34:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF4E45B3-14CF-44D4-B64B-4C07B726ADC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.35:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7E354617-F38F-4982-B418-FB3F6DD7E215\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.36:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCC2A523-707B-4F0A-8ACD-2951C6C269BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"62216E2C-7A84-4F4D-92CC-EC32EECE7B82\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B523AB06-16E6-4F6C-B96A-F705550AACC4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7198CD5-595C-4DB2-AC26-218DF2005CBB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.21.40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8080CA6-AE70-43A7-8F76-0B316DD876A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.22.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D05D11AF-F047-4072-892F-A93C702A94EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:libguestfs:libguestfs:1.23.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E484129B-92AD-4A85-845F-4944BDBCF87A\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/93724\",\"source\":\"secalert@redhat.com\"},{\"url\":\"http://seclists.org/oss-sec/2013/q2/431\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/60205\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85145\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://www.redhat.com/archives/libguestfs/2013-May/msg00079.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.redhat.com/archives/libguestfs/2013-May/msg00080.html\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://osvdb.org/93724\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/oss-sec/2013/q2/431\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/60205\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/85145\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Patch\"]},{\"url\":\"https://www.redhat.com/archives/libguestfs/2013-May/msg00079.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://www.redhat.com/archives/libguestfs/2013-May/msg00080.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]}],\"evaluatorComment\":\"Per: http://cwe.mitre.org/data/definitions/415.html\\n\\n\\\"CWE-415: Double Free\\\"\"}}"
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…