Libvirt Security Notice: LSN-2013-0003

Crash of libvirtd when listing host interfaces

Lifecycle

Reported on: 20130627
Published on: 20130701
Fixed on: 20130701

Credits

Reported by: Daniel Berrange
Patched by: Daniel Berrange

See also

Description

When requesting a list of host network interfaces that is filtered to only inactive interfaces, there is a double free of data.

Impact

A readonly user can cause memory corruption and a crash of the libvirtd daemon by asking for a list of inactive network interfaces.

Workaround

Prevent untrusted users from accessing libvirtd

Affected product: libvirt

Branch master
Broken in: v0.10.2
Broken in: v1.0.0
Broken in: v1.0.1
Broken in: v1.0.2
Broken in: v1.0.3
Broken in: v1.0.4
Broken in: v1.0.5
Broken in: v1.0.6
Fixed in: v1.1.0
Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86
Fixed by: 244e0b8cf15ca2ef48d82058e728656e6c4bad11
Branch v0.10.2-maint
Broken in: v0.10.2.1
Broken in: v0.10.2.2
Broken in: v0.10.2.3
Broken in: v0.10.2.4
Broken in: v0.10.2.5
Broken in: v0.10.2.6
Broken in: v0.10.2.7
Broken in: v0.10.2.8
Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86
Branch v1.0.5-maint
Broken in: v1.0.5.1
Broken in: v1.0.5.2
Broken in: v1.0.5.3
Broken in: v1.0.5.4
Broken in: v1.0.5.5
Broken in: v1.0.5.6
Broken in: v1.0.5.7
Broken in: v1.0.5.8
Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86
Branch v1.0.6-maint
Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86
Fixed by: 67a2f4c6d8ce28b0efacbdf009eccc6c186ee6af

Alternative formats: [xml] [text]