CVE-2019-3840

A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.

References

Affected packages

Git / github.com/libvirt/libvirt

Affected ranges

Type

GIT

Repo

https://github.com/libvirt/libvirt

Events

Introduced

Fixed

1fb87664214b0b105c593703e948b33ef97c61c8

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.0.0"
        }
    ]
}

Affected versions

Other

CVE-2008-5086

CVE-2010-2238

CVE-2010-2242

CVE-2011-1146

CVE-2011-1486

CVE-2011-2178

CVE-2012-3411

CVE-2012-3445

CVE-2012-4423

CVE-2013-0170

CVE-2013-1962

CVE-2013-2218

CVE-2013-2230

CVE-2013-4153

CVE-2013-4154

CVE-2013-4239

CVE-2013-4291

CVE-2013-4292

CVE-2013-4296

CVE-2013-4297

CVE-2013-4311

CVE-2013-4399

CVE-2013-4400-1

CVE-2013-4400-2

CVE-2013-4400-3

CVE-2013-4401

CVE-2013-5651

CVE-2013-6436

CVE-2013-6456

CVE-2013-6457

CVE-2013-6458-1

CVE-2013-6458-2

CVE-2013-6458-3

CVE-2013-6458-4

CVE-2013-7336

CVE-2014-0028

CVE-2014-0179

CVE-2014-1447-1

CVE-2014-1447-2

CVE-2014-3633

CVE-2014-3657

CVE-2014-7823

CVE-2014-8131

CVE-2014-8131-1

CVE-2014-8131-2

CVE-2014-8135

CVE-2014-8136

CVE-2015-0236

CVE-2015-0236-1

CVE-2015-0236-2

CVE-2015-5247-1

CVE-2015-5247-2

CVE-2015-5247-3

CVE-2015-5313

CVE-2016-5008

CVE-2017-1000256

CVE-2017-2635

CVE-2018-1064

CVE-2018-5748

CVE-2018-6764

LIBVIRT_0_0_3

LIBVIRT_0_0_4

LIBVIRT_0_0_5

LIBVIRT_0_1_0

LIBVIRT_0_1_1

LIBVIRT_0_1_10

LIBVIRT_0_1_11

LIBVIRT_0_1_3

LIBVIRT_0_1_4

LIBVIRT_0_1_6

LIBVIRT_0_1_7

LIBVIRT_0_1_8

LIBVIRT_0_1_9

LIBVIRT_0_2_0

LIBVIRT_0_2_1

LIBVIRT_0_2_2

LIBVIRT_0_3_0

LIBVIRT_0_3_1

LIBVIRT_0_3_2

LIBVIRT_0_3_3

LIBVIRT_0_4_1

LIBVIRT_0_4_2

LIBVIRT_0_4_4

LIBVIRT_0_4_6

LIBVIRT_0_5_0

LIBVIRT_0_5_1

LIBVIRT_0_6_0

LIBVIRT_0_6_1

LIBVIRT_0_6_2

LIBVIRT_0_6_3

LIBVIRT_0_6_4

LIBVIRT_0_6_5

LIBVIR_0_0_1

LIBVIR_0_0_2

LIVIRT_0_2_3

v0.*

v0.0.1

v0.0.2

v0.0.3

v0.0.4

v0.0.5

v0.1.0

v0.1.1

v0.1.10

v0.1.11

v0.1.3

v0.1.4

v0.1.6

v0.1.7

v0.1.8

v0.1.9

v0.10.0

v0.10.0-rc0

v0.10.0-rc1

v0.10.0-rc2

v0.10.1

v0.10.2

v0.10.2-rc1

v0.10.2-rc2

v0.2.0

v0.2.1

v0.2.2

v0.2.3

v0.3.0

v0.3.1

v0.3.2

v0.3.3

v0.4.1

v0.4.2

v0.4.4

v0.4.6

v0.5.0

v0.5.1

v0.6.0

v0.6.1

v0.6.2

v0.6.3

v0.6.4

v0.6.5

v0.7.0

v0.7.1

v0.7.2

v0.7.3

v0.7.4

v0.7.5

v0.7.6

v0.7.7

v0.8.0

v0.8.1

v0.8.2

v0.8.3

v0.8.4

v0.8.5

v0.8.6

v0.8.7

v0.8.8

v0.9.0

v0.9.1

v0.9.10

v0.9.10-rc1

v0.9.10-rc2

v0.9.11

v0.9.11-rc1

v0.9.11-rc2

v0.9.12

v0.9.12-rc1

v0.9.12-rc2

v0.9.13

v0.9.13-rc1

v0.9.13-rc2

v0.9.2

v0.9.3

v0.9.3-rc1

v0.9.3-rc2

v0.9.4

v0.9.4-rc1

v0.9.4-rc2

v0.9.5

v0.9.5-rc1

v0.9.5-rc2

v0.9.5-rc3

v0.9.6

v0.9.7

v0.9.7-rc1

v0.9.8

v0.9.8-rc1

v0.9.8-rc2

v0.9.9

v0.9.9-rc1

v0.9.9-rc2

v1.*

v1.0.0

v1.0.0-rc1

v1.0.0-rc2

v1.0.0-rc3

v1.0.1

v1.0.1-rc1

v1.0.1-rc2

v1.0.2

v1.0.2-rc1

v1.0.2-rc2

v1.0.3

v1.0.3-rc1

v1.0.3-rc2

v1.0.4

v1.0.4-rc1

v1.0.4-rc2

v1.0.5

v1.0.5-rc1

v1.0.6

v1.0.6-rc1

v1.0.6-rc2

v1.1.0

v1.1.0-rc1

v1.1.0-rc2

v1.1.1

v1.1.1-rc1

v1.1.1-rc2

v1.1.2

v1.1.2-rc1

v1.1.2-rc2

v1.1.3

v1.1.3-rc1

v1.1.3-rc2

v1.1.4

v1.1.4-rc1

v1.1.4-rc2

v1.2.0

v1.2.0-rc1

v1.2.0-rc2

v1.2.1

v1.2.1-rc1

v1.2.1-rc2

v1.2.10

v1.2.10-rc1

v1.2.10-rc2

v1.2.11

v1.2.11-rc1

v1.2.11-rc2

v1.2.12

v1.2.12-rc1

v1.2.12-rc2

v1.2.13

v1.2.13-rc1

v1.2.13-rc2

v1.2.14

v1.2.14-rc1

v1.2.14-rc2

v1.2.15

v1.2.15-rc1

v1.2.15-rc2

v1.2.16

v1.2.16-rc1

v1.2.16-rc2

v1.2.17

v1.2.17-rc1

v1.2.17-rc2

v1.2.18

v1.2.18-rc1

v1.2.18-rc2

v1.2.19

v1.2.19-rc1

v1.2.19-rc2

v1.2.2

v1.2.2-rc1

v1.2.2-rc2

v1.2.20

v1.2.20-rc1

v1.2.20-rc2

v1.2.21

v1.2.21-rc1

v1.2.21-rc2

v1.2.3

v1.2.3-rc1

v1.2.3-rc2

v1.2.4

v1.2.4-rc1

v1.2.4-rc2

v1.2.5

v1.2.5-rc1

v1.2.5-rc2

v1.2.6

v1.2.6-rc1

v1.2.6-rc2

v1.2.7

v1.2.7-rc1

v1.2.7-rc2

v1.2.8

v1.2.8-rc1

v1.2.8-rc2

v1.2.9

v1.2.9-rc1

v1.2.9-rc2

v1.3.0

v1.3.0-rc1

v1.3.0-rc2

v1.3.1

v1.3.1-rc1

v1.3.1-rc2

v1.3.2

v1.3.2-rc1

v1.3.2-rc2

v1.3.3

v1.3.3-rc1

v1.3.3-rc2

v1.3.4

v1.3.4-rc1

v1.3.4-rc2

v1.3.5

v1.3.5-rc1

v2.*

v2.0.0

v2.0.0-rc1

v2.0.0-rc2

v2.1.0

v2.1.0-rc1

v2.2.0

v2.2.0-rc1

v2.2.0-rc2

v2.3.0

v2.3.0-rc1

v2.3.0-rc2

v2.4.0

v2.4.0-rc1

v2.4.0-rc2

v2.5.0

v2.5.0-rc1

v2.5.0-rc2

v3.*

v3.0.0

v3.0.0-rc1

v3.0.0-rc2

v3.1.0

v3.1.0-rc1

v3.1.0-rc2

v3.10.0

v3.10.0-rc1

v3.10.0-rc2

v3.2.0

v3.2.0-rc1

v3.2.0-rc2

v3.3.0

v3.3.0-rc1

v3.3.0-rc2

v3.4.0

v3.4.0-rc1

v3.4.0-rc2

v3.5.0

v3.5.0-rc1

v3.5.0-rc2

v3.6.0

v3.6.0-rc1

v3.6.0-rc2

v3.7.0

v3.7.0-rc1

v3.7.0-rc2

v3.8.0

v3.8.0-rc1

v3.9.0

v3.9.0-rc1

v3.9.0-rc2

v4.*

v4.0.0

v4.0.0-rc1

v4.0.0-rc2

v4.1.0

v4.1.0-rc1

v4.1.0-rc2

v4.10.0

v4.10.0-rc1

v4.10.0-rc2

v4.2.0

v4.2.0-rc1

v4.2.0-rc2

v4.3.0

v4.3.0-rc1

v4.3.0-rc2

v4.4.0

v4.4.0-rc1

v4.4.0-rc2

v4.5.0

v4.5.0-rc1

v4.5.0-rc2

v4.6.0

v4.6.0-rc1

v4.6.0-rc2

v4.7.0

v4.7.0-rc1

v4.7.0-rc2

v4.8.0

v4.8.0-rc1

v4.8.0-rc2

v4.9.0

v4.9.0-rc1

v5.*

v5.0.0-rc1

v5.0.0-rc2

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "15.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "42.3"
            }
        ]
    }
]

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-3840.json"