VYPR
Unrated severityNVD Advisory· Published Apr 15, 2014· Updated Jun 17, 2026

CVE-2013-6456

CVE-2013-6456

Description

The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

22
  • Red Hat/Libvirt19 versions
    cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*+ 18 more
    • cpe:2.3:a:redhat:libvirt:1.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.3:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.4:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5.3:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.5.6:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:redhat:libvirt:1.2.1:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
  • Libvirt/Libvirtllm-fuzzy
    Range: 1.0.1 - 1.2.1

Patches

Vulnerability mechanics

References

12

News mentions

0

No linked articles in our index yet.