Unrated severityNVD Advisory· Published Mar 15, 2011· Updated Jun 16, 2026
CVE-2011-1146
CVE-2011-1146
Description
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3Patches
Vulnerability mechanics
References
23- bugs.debian.org/cgi-bin/bugreport.cginvdPatch
- openwall.com/lists/oss-security/2011/03/09/3nvdPatch
- openwall.com/lists/oss-security/2011/03/10/5nvdPatch
- bugzilla.redhat.com/show_bug.cginvdPatch
- secunia.com/advisories/43670nvdVendor Advisory
- libvirt.org/git/nvd
- lists.fedoraproject.org/pipermail/package-announce/2011-March/056209.htmlnvd
- lists.opensuse.org/opensuse-updates/2011-04/msg00022.htmlnvd
- secunia.com/advisories/43780nvd
- secunia.com/advisories/43897nvd
- secunia.com/advisories/43917nvd
- secunia.com/advisories/44069nvd
- www.debian.org/security/2011/dsa-2194nvd
- www.redhat.com/support/errata/RHSA-2011-0391.htmlnvd
- www.securityfocus.com/bid/46820nvd
- www.securitytracker.com/idnvd
- www.ubuntu.com/usn/USN-1094-1nvd
- www.vupen.com/english/advisories/2011/0694nvd
- www.vupen.com/english/advisories/2011/0700nvd
- www.vupen.com/english/advisories/2011/0794nvd
- www.vupen.com/english/advisories/2011/0805nvd
- bugzilla.novell.com/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/66012nvd
News mentions
0No linked articles in our index yet.