Re: CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters

[Kurt Seifried <kseifried () redhat com>]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/01/2013 09:21 AM, Petr Matousek wrote:
> The virConnectListAllInterfaces method has a double-free of the 
> 'struct netcf_if' object when any of the filtering flags cause an
> interface to be skipped over. For example when running the command
> 'virsh iface-list --inactive'
>
> Upstream fix: 
> http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11
>
>  References: https://bugzilla.redhat.com/show_bug.cgi?id=980112
>
> Thanks,

Please use CVE-2013-2229 for this issue.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJR0c9PAAoJEBYNRVNeJnmTSY4P/ilsf0ieJ07XJrtl3G7sWgcZ
70tHmnhyu8R4I1shc6mQgFVUCwObfbCGm20pT4vThcC9ntcMMErNPViUU7yAALlT
4L6Z6Lu45YFgQsEG9mjEOTgLq7pKkjyvsPugB5838sDO+8pd1VXL4CrcjP1yX6BE
gIh+qo8CR9wqEXc/yPcnLs9X7mV4sgxoh8EZcw9MIblEUasdLBUr1QvzCvoXHepV
j5H9n8jKMOuPXoHOfm7WcpX72tlZcfFy2M9cLfSn2P2ctaIvi3uXRiJDgaxve8aa
fOZjOgf8bao+BDgbQ3eihF/5N486KS9oD9QwzY05/4urp6DyrkWqDER7y1lOtsCb
IxAtwa3bEsmUflYvJlsdsZiiF/iO8R8Bw0jVIiQKK1VzdhWN7iTJ8o9Pzr1FoaZc
VgYCyNftBUsHIi+rD0m2HdKBB7MMzH1/heS8/26zaj1gW7bBC1PEiO/MFRA/pX79
Vts/DjghNZR43SGULuc2wDodMhI0S+pcO2DI7Y+fcFU05xxRskKfQYf9je0VKauJ
euUk4Dpm548Fs2JfDhSuGd45VAVbrPhCmm31fyOI3AAkbvhaoQWKA9tTNMmMOBCT
mvtrioGrlAfkc2g5ZXmCGv0ZQ7AuQ32nYBUX+CFYlgHHAdK5ORxL7zcLwn9043as
3g4NK6/2vam9wBfOGfDm
=OVns
-----END PGP SIGNATURE-----