Unrated severityNVD Advisory· Published Jun 2, 2020· Updated Aug 4, 2024
CVE-2020-10703
CVE-2020-10703
Description
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
8- bugzilla.redhat.com/show_bug.cgimitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2024/04/msg00000.htmlmitremailing-list
- bugzilla.redhat.com/show_bug.cgimitre
- libvirt.org/git/mitre
- libvirt.org/git/mitre
- libvirt.org/git/mitre
- security.netapp.com/advisory/ntap-20200608-0005/mitre
News mentions
0No linked articles in our index yet.