Unrated severityNVD Advisory· Published Jun 2, 2020· Updated Aug 4, 2024
CVE-2020-10703
CVE-2020-10703
Description
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
85- osv-coords83 versionspkg:rpm/almalinux/hivexpkg:rpm/almalinux/hivex-develpkg:rpm/almalinux/libguestfs-winsupportpkg:rpm/almalinux/libiscsipkg:rpm/almalinux/libiscsi-develpkg:rpm/almalinux/libiscsi-utilspkg:rpm/almalinux/libnbdpkg:rpm/almalinux/libnbd-develpkg:rpm/almalinux/libvirtpkg:rpm/almalinux/libvirt-adminpkg:rpm/almalinux/libvirt-bash-completionpkg:rpm/almalinux/libvirt-clientpkg:rpm/almalinux/libvirt-daemonpkg:rpm/almalinux/libvirt-daemon-config-networkpkg:rpm/almalinux/libvirt-daemon-config-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-interfacepkg:rpm/almalinux/libvirt-daemon-driver-networkpkg:rpm/almalinux/libvirt-daemon-driver-nodedevpkg:rpm/almalinux/libvirt-daemon-driver-nwfilterpkg:rpm/almalinux/libvirt-daemon-driver-secretpkg:rpm/almalinux/libvirt-daemon-driver-storagepkg:rpm/almalinux/libvirt-daemon-driver-storage-corepkg:rpm/almalinux/libvirt-daemon-driver-storage-diskpkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsipkg:rpm/almalinux/libvirt-daemon-driver-storage-iscsi-directpkg:rpm/almalinux/libvirt-daemon-driver-storage-logicalpkg:rpm/almalinux/libvirt-daemon-driver-storage-mpathpkg:rpm/almalinux/libvirt-daemon-driver-storage-rbdpkg:rpm/almalinux/libvirt-daemon-driver-storage-scsipkg:rpm/almalinux/libvirt-dbuspkg:rpm/almalinux/libvirt-develpkg:rpm/almalinux/libvirt-docspkg:rpm/almalinux/libvirt-libspkg:rpm/almalinux/libvirt-nsspkg:rpm/almalinux/nbdfusepkg:rpm/almalinux/nbdkitpkg:rpm/almalinux/nbdkit-bash-completionpkg:rpm/almalinux/nbdkit-basic-filterspkg:rpm/almalinux/nbdkit-basic-pluginspkg:rpm/almalinux/nbdkit-curl-pluginpkg:rpm/almalinux/nbdkit-develpkg:rpm/almalinux/nbdkit-example-pluginspkg:rpm/almalinux/nbdkit-gzip-pluginpkg:rpm/almalinux/nbdkit-linuxdisk-pluginpkg:rpm/almalinux/nbdkit-python-pluginpkg:rpm/almalinux/nbdkit-serverpkg:rpm/almalinux/nbdkit-ssh-pluginpkg:rpm/almalinux/nbdkit-vddk-pluginpkg:rpm/almalinux/nbdkit-xz-filterpkg:rpm/almalinux/netcfpkg:rpm/almalinux/netcf-develpkg:rpm/almalinux/netcf-libspkg:rpm/almalinux/ocaml-hivexpkg:rpm/almalinux/ocaml-hivex-develpkg:rpm/almalinux/ocaml-libguestfspkg:rpm/almalinux/ocaml-libguestfs-develpkg:rpm/almalinux/ocaml-libnbdpkg:rpm/almalinux/ocaml-libnbd-develpkg:rpm/almalinux/perl-hivexpkg:rpm/almalinux/perl-Sys-Virtpkg:rpm/almalinux/python3-hivexpkg:rpm/almalinux/python3-libnbdpkg:rpm/almalinux/python3-libvirtpkg:rpm/almalinux/ruby-hivexpkg:rpm/almalinux/seabiospkg:rpm/almalinux/seabios-binpkg:rpm/almalinux/seavgabios-binpkg:rpm/almalinux/sgabiospkg:rpm/almalinux/sgabios-binpkg:rpm/almalinux/superminpkg:rpm/almalinux/supermin-develpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-ESPOSpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015-LTSSpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP1pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%2015-LTSSpkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP4pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 1.3.18-20.module_el8.3.0+2048+e7a0a3ea+ 82 more
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 8.2-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.18.0-8.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.0-2.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-28.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.16.2-4.module_el8.5.0+2608+72063365
- (no CPE)range: < 0.2.8-12.module_el8.5.0+2608+72063365
- (no CPE)range: < 0.2.8-12.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 0.2.8-12.module_el8.6.0+2880+7d9e3703
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1:1.40.2-25.module_el8.3.0+2048+e7a0a3ea.alma
- (no CPE)range: < 1:1.40.2-25.module_el8.3.0+2048+e7a0a3ea.alma
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 6.0.0-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.2.2-1.module_el8.5.0+2608+72063365
- (no CPE)range: < 6.0.0-1.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.3.18-20.module_el8.3.0+2048+e7a0a3ea
- (no CPE)range: < 1.13.0-2.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.13.0-2.module_el8.5.0+2608+72063365
- (no CPE)range: < 1.13.0-2.module_el8.5.0+2608+72063365
- (no CPE)range: < 1:0.20170427git-3.module_el8.5.0+2608+72063365
- (no CPE)range: < 1:0.20170427git-3.module_el8.5.0+2608+72063365
- (no CPE)range: < 5.1.19-10.module_el8.5.0+2608+72063365
- (no CPE)range: < 5.1.19-10.module_el8.5.0+2608+72063365
- (no CPE)range: < 4.0.0-9.32.1
- (no CPE)range: < 4.0.0-9.32.1
- (no CPE)range: < 5.1.0-8.16.1
- (no CPE)range: < 5.1.0-8.16.1
- (no CPE)range: < 4.0.0-8.20.2
- (no CPE)range: < 5.1.0-13.6.2
- (no CPE)range: < 4.0.0-9.32.1
- (no CPE)range: < 4.0.0-8.20.2
- (no CPE)range: < 5.1.0-13.6.2
- (no CPE)range: < 4.0.0-9.32.1
- (no CPE)range: < 4.0.0-8.20.2
- (no CPE)range: < 5.1.0-13.6.2
Patches
Vulnerability mechanics
References
8- bugzilla.redhat.com/show_bug.cgimitrevendor-advisory
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2024/04/msg00000.htmlmitremailing-list
- bugzilla.redhat.com/show_bug.cgimitre
- libvirt.org/git/mitre
- libvirt.org/git/mitre
- libvirt.org/git/mitre
- security.netapp.com/advisory/ntap-20200608-0005/mitre
News mentions
0No linked articles in our index yet.