Home CVE Database CVE-2020-10703

CVE-2020-10703

Description

A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.

Priority: MEDIUM
CVSS v3: 6.5
Publish Date: Jun 2, 2020
Related ID: --
CVSS v2: MEDIUM
Modified Date: Jun 8, 2020

Find out more about CVE-2020-10703 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Product Name Status Defect Fixed Downloads
Linux
Wind River Linux LTS 17 Not Vulnerable -- -- --
Wind River Linux 9 Not Vulnerable -- -- --
Wind River Linux 8 Not Vulnerable -- -- --
Wind River Linux LTS 18 Fixed LIN1018-6257
10.18.44.18 --
Wind River Linux LTS 19 Fixed LIN1019-4770
10.19.45.9 --
Wind River Linux CD release Not Vulnerable -- -- --
VxWorks
VxWorks 7 Not Vulnerable -- -- --
VxWorks 6.9 Not Vulnerable -- -- --

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

libvirt

Live chat
Online