{"id":"CVE-2011-4600","details":"The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query.","modified":"2026-01-27T04:11:58.918547Z","published":"2016-04-14T15:59:00Z","withdrawn":"2026-01-27T04:11:58.918547Z","related":["openSUSE-SU-2024:10209-1"],"references":[{"type":"ADVISORY","url":"http://libvirt.org/news-2012.html"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2867-1"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=760442"},{"type":"WEB","url":"http://libvirt.org/git/?p=libvirt.git%3Ba=commitdiff%3Bh=ae1232b298323dd7bef909426e2ebafa6bca9157"}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}