oss-sec mailing list archives
CVE request -- libvirt: virBitmapParse out-of-bounds read access
From: Petr Matousek <pmatouse () redhat com>
Date: Thu, 29 Aug 2013 16:20:00 +0200
The virBitmapParse function was calling virBitmapIsSet() function that requires the caller to check the bounds of the bitmap without checking them. This resulted into crashes when parsing a bitmap string that was exceeding the bounds used as argument. Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0fc89098a68f0f6962de8be4fc03ddd960ffbf08 Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=47b9127e883677a0d60d767030a147450e919a25 References: https://bugzilla.redhat.com/show_bug.cgi?id=997367 Thanks, -- Petr Matousek / Red Hat Security Response Team
Current thread:
- CVE request -- libvirt: virBitmapParse out-of-bounds read access Petr Matousek (Aug 29)
- Re: CVE request -- libvirt: virBitmapParse out-of-bounds read access cve-assign (Aug 29)