oss-sec mailing list archives

Re: CVE request: libvirt: integer overflow in VirDomainGetVcpus

From: Josh Bressers <bressers () redhat com>
Date: Wed, 29 Jun 2011 15:57:05 -0400 (EDT)

Please use CVE-2011-2511.

Thanks.

-- 
    JB


----- Original Message -----

It has been found that calling VirDomainGetVcpus with bogus parameters
can lead to integer overflow and subsequent heap corruption. A remote
attacker could use this flaw to crash libvirtd (DoS).

Upstream patch:
https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html

References:
https://bugzilla.redhat.com/show_bug.cgi?id=717199
https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html

Thanks,
--
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request: libvirt: integer overflow in VirDomainGetVcpus Petr Matousek (Jun 28)
- Re: CVE request: libvirt: integer overflow in VirDomainGetVcpus Josh Bressers (Jun 29)