Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <51D1CF4F.8050008@redhat.com>
Date: Mon, 01 Jul 2013 12:49:51 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com, libvirt-security@...hat.com
Subject: Re: CVE-2013-2218 -- libvirt: crash when listing network
 interfaces with filters

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/01/2013 09:21 AM, Petr Matousek wrote:
> The virConnectListAllInterfaces method has a double-free of the 
> 'struct netcf_if' object when any of the filtering flags cause an
> interface to be skipped over. For example when running the command
> 'virsh iface-list --inactive'
> 
> Upstream fix: 
> http://libvirt.org/git/?p=libvirt.git;a=commit;h=244e0b8cf15ca2ef48d82058e728656e6c4bad11
>
>  References: https://bugzilla.redhat.com/show_bug.cgi?id=980112
> 
> Thanks,
> 

Please use CVE-2013-2229 for this issue.


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)

iQIcBAEBAgAGBQJR0c9PAAoJEBYNRVNeJnmTSY4P/ilsf0ieJ07XJrtl3G7sWgcZ
70tHmnhyu8R4I1shc6mQgFVUCwObfbCGm20pT4vThcC9ntcMMErNPViUU7yAALlT
4L6Z6Lu45YFgQsEG9mjEOTgLq7pKkjyvsPugB5838sDO+8pd1VXL4CrcjP1yX6BE
gIh+qo8CR9wqEXc/yPcnLs9X7mV4sgxoh8EZcw9MIblEUasdLBUr1QvzCvoXHepV
j5H9n8jKMOuPXoHOfm7WcpX72tlZcfFy2M9cLfSn2P2ctaIvi3uXRiJDgaxve8aa
fOZjOgf8bao+BDgbQ3eihF/5N486KS9oD9QwzY05/4urp6DyrkWqDER7y1lOtsCb
IxAtwa3bEsmUflYvJlsdsZiiF/iO8R8Bw0jVIiQKK1VzdhWN7iTJ8o9Pzr1FoaZc
VgYCyNftBUsHIi+rD0m2HdKBB7MMzH1/heS8/26zaj1gW7bBC1PEiO/MFRA/pX79
Vts/DjghNZR43SGULuc2wDodMhI0S+pcO2DI7Y+fcFU05xxRskKfQYf9je0VKauJ
euUk4Dpm548Fs2JfDhSuGd45VAVbrPhCmm31fyOI3AAkbvhaoQWKA9tTNMmMOBCT
mvtrioGrlAfkc2g5ZXmCGv0ZQ7AuQ32nYBUX+CFYlgHHAdK5ORxL7zcLwn9043as
3g4NK6/2vam9wBfOGfDm
=OVns
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.