A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as network-based pools like gluster and RBD. Unprivileged users with a read-only connection could abuse this flaw to crash the libvirt daemon, resulting in a potential denial of service.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2020-06-02T00:00:00

Updated: 2024-08-04T11:06:11.183Z

Reserved: 2020-03-20T00:00:00

Link: CVE-2020-10703

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-06-02T13:15:10.873

Modified: 2024-11-21T04:55:53.340

Link: CVE-2020-10703

cve-icon Redhat

Severity : Moderate

Publid Date: 2020-01-14T00:00:00Z

Links: CVE-2020-10703 - Bugzilla