oss-sec mailing list archives
Re: CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 01 Jul 2013 12:49:51 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/01/2013 09:21 AM, Petr Matousek wrote:
The virConnectListAllInterfaces method has a double-free of the 'struct netcf_if' object when any of the filtering flags cause an interface to be skipped over. For example when running the command 'virsh iface-list --inactive' Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11 References: https://bugzilla.redhat.com/show_bug.cgi?id=980112 Thanks,
Please use CVE-2013-2229 for this issue. - -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) iQIcBAEBAgAGBQJR0c9PAAoJEBYNRVNeJnmTSY4P/ilsf0ieJ07XJrtl3G7sWgcZ 70tHmnhyu8R4I1shc6mQgFVUCwObfbCGm20pT4vThcC9ntcMMErNPViUU7yAALlT 4L6Z6Lu45YFgQsEG9mjEOTgLq7pKkjyvsPugB5838sDO+8pd1VXL4CrcjP1yX6BE gIh+qo8CR9wqEXc/yPcnLs9X7mV4sgxoh8EZcw9MIblEUasdLBUr1QvzCvoXHepV j5H9n8jKMOuPXoHOfm7WcpX72tlZcfFy2M9cLfSn2P2ctaIvi3uXRiJDgaxve8aa fOZjOgf8bao+BDgbQ3eihF/5N486KS9oD9QwzY05/4urp6DyrkWqDER7y1lOtsCb IxAtwa3bEsmUflYvJlsdsZiiF/iO8R8Bw0jVIiQKK1VzdhWN7iTJ8o9Pzr1FoaZc VgYCyNftBUsHIi+rD0m2HdKBB7MMzH1/heS8/26zaj1gW7bBC1PEiO/MFRA/pX79 Vts/DjghNZR43SGULuc2wDodMhI0S+pcO2DI7Y+fcFU05xxRskKfQYf9je0VKauJ euUk4Dpm548Fs2JfDhSuGd45VAVbrPhCmm31fyOI3AAkbvhaoQWKA9tTNMmMOBCT mvtrioGrlAfkc2g5ZXmCGv0ZQ7AuQ32nYBUX+CFYlgHHAdK5ORxL7zcLwn9043as 3g4NK6/2vam9wBfOGfDm =OVns -----END PGP SIGNATURE-----
Current thread:
- CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Petr Matousek (Jul 01)
- Re: CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters Kurt Seifried (Jul 01)