oss-sec mailing list archives
Re: CVE request: libvirt when compiled with openvz support has a potential security hole
From: Eugene Teo <eugene () redhat com>
Date: Wed, 08 Dec 2010 09:07:30 +0800
On 12/08/2010 08:21 AM, Vincent Danen wrote:
We were notified of a fix to upstream libvirt that plugs a potential security hole (buffer overflow) via the OpenVZ support in libvirt. Red Hat and Fedora do not ship libvirt with OpenVZ support enabled; I'm not sure if other vendors do or not. The patch was posted publicly today, and although it's a low impact issue, probably needs a CVE name. https://www.redhat.com/archives/libvir-list/2010-December/msg00348.html
CC'ed Steve. Eugene
Current thread:
- CVE request: libvirt when compiled with openvz support has a potential security hole Vincent Danen (Dec 07)
- Re: CVE request: libvirt when compiled with openvz support has a potential security hole Eugene Teo (Dec 07)
- Re: CVE request: libvirt when compiled with openvz support has a potential security hole Vincent Danen (Dec 08)
- Re: CVE request: libvirt when compiled with openvz support has a potential security hole Eugene Teo (Dec 07)