oss-sec mailing list archives
Re: [Libvirt-Security] [oss-security] CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters
From: Eric Blake <eblake () redhat com>
Date: Mon, 01 Jul 2013 13:06:51 -0600
On 07/01/2013 12:49 PM, Kurt Seifried wrote:
On 07/01/2013 09:21 AM, Petr Matousek wrote:The virConnectListAllInterfaces method has a double-free of the 'struct netcf_if' object when any of the filtering flags cause an interface to be skipped over. For example when running the command 'virsh iface-list --inactive'Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11References: https://bugzilla.redhat.com/show_bug.cgi?id=980112Thanks,Please use CVE-2013-2229 for this issue.
No, we already assigned CVE-2013-2218 to this issue. CVE-2013-2229 should be closed as a mistake, or reused for some other purpose. -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Petr Matousek (Jul 01)
- Re: CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Kurt Seifried (Jul 01)
- Re: [Libvirt-Security] [oss-security] CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Eric Blake (Jul 01)
- Re: CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Agostino Sarubbo (Jul 01)
- Re: CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Kurt Seifried (Jul 01)