CVE-2014-8136
EPSS 0.09%
Description
The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors.
How to fix CVE-2014-8136
To remediate CVE-2014-8136, upgrade the affected package to a fixed version below.
- Debian/libvirt—upgrade to 1.2.9-7 or later
Is CVE-2014-8136 being exploited?
Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.2.9-7