Libvirt Security Notice Index > 2013 > LSN-2013-0005 [xml] [text]

Libvirt Security Notice: LSN-2013-0005

Crash after querying vCPU count from guest agent

Lifecycle

Reported on: 20130716
Published on: 20130716
Fixed on: 20130716

Credits

Reported by: Peter Krempa
Patched by: Peter Krempa

See also

Description

When processing the response to a vCPU count query from the guest agent, a JSON object would be freed twice. This could result in a crash of the libvirtd daemon.

Impact

A user with permission to query the VCPU count could crash the libvirtd daemon resulting in a denial of service.

Workaround

Prevent untrusted users from accessing libvirtd

Affected product: libvirt

Branch: master

Broken in:
v1.1.0
Fixed in:
v1.1.1
Broken by:
3099c063e348fdc79a900f88bcfc5389dada7786
Fixed by:
dfc692350a04a70b4ca65667c30869b3bfdaf034

Branch: v1.1.0-maint

Broken in:
Fixed in:
Broken by:
3099c063e348fdc79a900f88bcfc5389dada7786
Fixed by:
cafcec2f5b0c9ff1dc573d798933ae453a15fa29

Alternative formats: [xml] [text]