Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: [Libvirt-Security] [oss-security] CVE-2013-2218 -- libvirt: crash when listing network interfaces with filters
From: Eric Blake <eblake () redhat com>
Date: Mon, 01 Jul 2013 13:06:51 -0600

On 07/01/2013 12:49 PM, Kurt Seifried wrote:
On 07/01/2013 09:21 AM, Petr Matousek wrote:
The virConnectListAllInterfaces method has a double-free of the 
'struct netcf_if' object when any of the filtering flags cause an
interface to be skipped over. For example when running the command
'virsh iface-list --inactive'

Upstream fix: 
http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11

 References: https://bugzilla.redhat.com/show_bug.cgi?id=980112

Thanks,


Please use CVE-2013-2229 for this issue.

No, we already assigned CVE-2013-2218 to this issue.  CVE-2013-2229
should be closed as a mistake, or reused for some other purpose.

-- 
Eric Blake   eblake redhat com    +1-919-301-3266
Libvirt virtualization library http://libvirt.org

Attachment: signature.asc
Description: OpenPGP digital signature


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault