CVE-2011-4600

moderate-risk

Published 2016-04-14

The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.

Do I need to act?

0.31% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.9/10 Medium

NETWORK / HIGH complexity

Affected Products (5)

Ubuntu Linux

Libvirt

Affected Vendors

Canonical Redhat

References (8)

http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=ae1232b298323dd7bef9094...

Vendor Advisory http://libvirt.org/news-2012.html

http://www.ubuntu.com/usn/USN-2867-1

https://bugzilla.redhat.com/show_bug.cgi?id=760442

http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=ae1232b298323dd7bef9094...

Vendor Advisory http://libvirt.org/news-2012.html

http://www.ubuntu.com/usn/USN-2867-1

https://bugzilla.redhat.com/show_bug.cgi?id=760442

/ 100

moderate-risk

Severity 18/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 12/34 · Low