Libvirt Security Notice: LSN-2013-0003
        ======================================

       Summary: Crash of libvirtd when listing host interfaces
   Reported on: 20130627
  Published on: 20130701
      Fixed on: 20130701
   Reported by: Daniel Berrange <berrange@redhat.com>
    Patched by: Daniel Berrange <berrange@redhat.com>
      See also: CVE-2013-2218

Description
-----------

When requesting a list of host network interfaces that is filtered
to only inactive interfaces, there is a double free of data.

Impact
------

A readonly user can cause memory corruption and a crash of the
libvirtd daemon by asking for a list of inactive network interfaces.

Workaround
----------

Prevent untrusted users from accessing libvirtd

Affected product
----------------

        Name: libvirt
  Repository: https://gitlab.com/libvirt/libvirt

      Branch: master
   Broken in: v0.10.2
   Broken in: v1.0.0
   Broken in: v1.0.1
   Broken in: v1.0.2
   Broken in: v1.0.3
   Broken in: v1.0.4
   Broken in: v1.0.5
   Broken in: v1.0.6
    Fixed in: v1.1.0
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86
    Fixed by: 244e0b8cf15ca2ef48d82058e728656e6c4bad11

      Branch: v0.10.2-maint
   Broken in: v0.10.2.1
   Broken in: v0.10.2.2
   Broken in: v0.10.2.3
   Broken in: v0.10.2.4
   Broken in: v0.10.2.5
   Broken in: v0.10.2.6
   Broken in: v0.10.2.7
   Broken in: v0.10.2.8
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.0-maint
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.1-maint
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.2-maint
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.3-maint
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.4-maint
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.5-maint
   Broken in: v1.0.5.1
   Broken in: v1.0.5.2
   Broken in: v1.0.5.3
   Broken in: v1.0.5.4
   Broken in: v1.0.5.5
   Broken in: v1.0.5.6
   Broken in: v1.0.5.7
   Broken in: v1.0.5.8
   Broken in: v1.0.5.9
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86

      Branch: v1.0.6-maint
   Broken by: a3cf061c824aac0c4cb06ac91ac0bff612bf0e86
    Fixed by: 67a2f4c6d8ce28b0efacbdf009eccc6c186ee6af