CVE-2014-1447 PoC - Red Hat libvirt 'virNetServerClientStartKeepAlive' Function Race Condition Vulnerability

Source
Associated Vulnerability
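Title: Red Hat libvirt 'virNetServerClientStartKeepAlive' Function Race Condition Vulnerability (CVE-2014-1447)
Description: Red Hat libvirt is a Linux API from the US company Red Hat for implementing Linux virtualization. It supports a range of hypervisors, including Xen and KVM, as well as QEMU and some virtualization products for other operating systems. A race condition exists in the 'virNetServerClientStartKeepAlive' function in Red Hat libvirt 1.2.0 and earlier. A remote attacker can exploit it to cause a denial of service (libvirtd crash) by closing the connection before sending a keepalive response.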
Description
Libvirt - Unauthenticated DoS Vulnerability (Exploit & Time Randomization to Thwart It)
File Snapshot

[4.0K] /data/pocs/ed95148cd82571f06c53ec63433c565dd85edcdb
├── [4.0K] analysis
│   ├── [2.6K] 20150128results-by100.csv
│   ├── [1.2K] 20150128results-by5000-noperf.csv
│   ├── [ 42K] 20150129results-by5000.csv
│   ├── [235K] 20150202results-by1000.csv
│   ├── [ 321] 20150203T1104benchmark.txt
│   └── [1.1K] gen_fig.py
├── [  45] bug.sh
├── [3.0K] experiment.py
├── [6.0K] gen_interpose.py
├── [ 18M] libvirt-0.9.8.tar.gz
├── [7.6M] ltracelibvirtd.out
├── [2.4K] Makefile
├── [ 128] microbench.sh
├── [ 476] mk-tsan.sh
├── [ 696] perftest.c
├── [ 19K] prototypes.txt
├── [1.5K] repeatbug.py
├── [ 436] reproducer.patch
└── [ 499] sleep.patch

1 directory, 19 files