oss-sec mailing list archives

CVE request -- libvirt: crash of libvirtd without guest agent configuration

From: Petr Matousek <pmatouse () redhat com>
Date: Fri, 19 Jul 2013 18:14:52 +0200

If users haven't configured guest agent then qemuAgentCommand() will
dereference a NULL 'mon' pointer.

A remote user able to issue commands to libvirt daemon could use this
flaw to crash libvirtd.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=986386
https://bugzilla.redhat.com/show_bug.cgi?id=984821
https://www.redhat.com/archives/libvir-list/2013-July/msg00992.html

Upstream fix:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=96518d4316b711c72205117f8d5c967d5127bbb6

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Current thread:

CVE request -- libvirt: crash of libvirtd without guest agent configuration Petr Matousek (Jul 19)
- Re: CVE request -- libvirt: crash of libvirtd without guest agent configuration Kurt Seifried (Jul 19)