CVE-2019-20485
Description
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
Risk Information
Base Score
5.7
MODERATE
Vector
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.192
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-admin-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-bash-completion-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-client-4.5.0-36.el7.i686.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-client-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-config-network-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-config-nwfilter-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-interface-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-lxc-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-network-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-nodedev-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-nwfilter-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-qemu-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-secret-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-core-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-disk-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-gluster-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-iscsi-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-logical-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-mpath-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-rbd-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-driver-storage-scsi-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-kvm-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-daemon-lxc-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-devel-4.5.0-36.el7.i686.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-devel-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-docs-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-libs-4.5.0-36.el7.i686.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-libs-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-lock-sanlock-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-login-shell-4.5.0-36.el7.x86_64.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-nss-4.5.0-36.el7.i686.rpm | Linux |
| (RHSA-2020:4000) libvirt security and bug fix update libvirt-nss-4.5.0-36.el7.x86_64.rpm | Linux |
| Improper Input Validation Vulnerability (CVE-2019-20485) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234