Libvirt Security Notice Index > 2013 > LSN-2013-0009 [xml] [text]

Libvirt Security Notice: LSN-2013-0009

Missing bounds checking on parameter count in migration API

Lifecycle

Reported on:	20130829
Published on:	20130829
Fixed on:	20130829

Credits

Reported by:	Daniel Berrange
Patched by:	Daniel Berrange

See also

CVE-2013-4292

Description

The virDomainMigrate*Params RPC calls did not check how many parameters were supplied by the user.

Impact

A malicious user with the ability to start migration can cause libvirtd to allocate arbitrary amounts of memory by specifying too many parameters.

Workaround

Prevent untrusted users from using the migration APIs by setting a suitable access control policy

Affected product: libvirt

Branch: master

Broken in:: v1.1.0
v1.1.1
Fixed in:: v1.1.2
Broken by:: c0762b6518c32c1d6b17b7a222301fbfd90ba582
Fixed by:: fd6f6a48619eb221afeb1c5965537534cd54e01d

Branch: v1.1.0-maint

Broken in:
Fixed in:
Broken by:: c0762b6518c32c1d6b17b7a222301fbfd90ba582
Fixed by:: c30273ffba1579560548a16da063b95a8c9a1dc9

Branch: v1.1.1-maint

Broken in:
Fixed in:
Broken by:: c0762b6518c32c1d6b17b7a222301fbfd90ba582
Fixed by:: dfae2d6208926c6adb12a440b5e4640c1ac049d0

Alternative formats: [xml] [text]

Home

Website (via DuckDuckGo) Wiki (via DuckDuckGo) Developers list Users list

Contact

email
irc

Community

Contribute

edit this page

Participants in the libvirt project agree to abide by the project code of conduct