oss-sec mailing list archives
CVE Request -- libvirt: crash in virTypedParameterArrayClear
From: Petr Matousek <pmatouse () redhat com>
Date: Tue, 31 Jul 2012 16:59:44 +0200
It has been found that sending crafted RPC command with nparams set to 0 can lead to libvirtd accessing random memory, possibly leading to crash. A remote attacker could use this flaw to crash libvirtd (DoS). Upstream proposed fix: https://www.redhat.com/archives/libvir-list/2012-July/msg01650.html References: https://www.redhat.com/archives/libvir-list/2012-July/msg01650.html https://bugzilla.redhat.com/show_bug.cgi?id=844734 Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE Request -- libvirt: crash in virTypedParameterArrayClear Petr Matousek (Jul 31)
- Re: CVE Request -- libvirt: crash in virTypedParameterArrayClear Kurt Seifried (Jul 31)