Libvirt Security Notice: LSN-2013-0009
======================================

Summary: Missing bounds checking on parameter count in migration API
Reported on: 20130829
Published on: 20130829
Fixed on: 20130829
Reported by: Daniel Berrange
Patched by: Daniel Berrange
See also: CVE-2013-4292

Description
-----------

The virDomainMigrate*Params RPC calls did not check how many
parameters were supplied by the user.

Impact
------

A malicious user with the ability to start migration can cause
libvirtd to allocate arbitrary amounts of memory by specifying
too many parameters.

Workaround
----------

Prevent untrusted users from using the migration APIs by setting
a suitable access control policy

Affected product
----------------

Name: libvirt
Repository: https://gitlab.com/libvirt/libvirt

Branch: master
Broken in: v1.1.0
Broken in: v1.1.1
Fixed in: v1.1.2
Broken by: c0762b6518c32c1d6b17b7a222301fbfd90ba582
Fixed by: fd6f6a48619eb221afeb1c5965537534cd54e01d

Branch: v1.1.0-maint
Broken by: c0762b6518c32c1d6b17b7a222301fbfd90ba582
Fixed by: c30273ffba1579560548a16da063b95a8c9a1dc9

Branch: v1.1.1-maint
Broken by: c0762b6518c32c1d6b17b7a222301fbfd90ba582
Fixed by: dfae2d6208926c6adb12a440b5e4640c1ac049d0
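
The class of check described under Description and Impact, shown on a constructed length-prefixed parameter list. This is an added example, not libvirt's code or its actual fix; the wire layout, PARAM_LIST_MAX, ENTRY_SIZE, be32 and decode_params are hypothetical names chosen for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical cap and constructed entry size (4-byte big-endian values);
 * the notice does not state the limit libvirt chose. */
#define PARAM_LIST_MAX 64u
#define ENTRY_SIZE 4u

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Decode "count || entries". Returns 0 on success, -1 if rejected. */
int decode_params(const uint8_t *buf, size_t len, uint32_t **out, uint32_t *nout)
{
    uint32_t count, i;

    *out = NULL;
    *nout = 0;
    if (len < 4)
        return -1;
    count = be32(buf);
    /* Bound the client-supplied count before it sizes any allocation. */
    if (count > PARAM_LIST_MAX)
        return -1;
    /* The message must actually carry that many entries. */
    if ((len - 4) / ENTRY_SIZE < count)
        return -1;
    if (count == 0)
        return 0;
    *out = calloc(count, sizeof(**out));
    if (!*out)
        return -1;
    for (i = 0; i < count; i++)
        (*out)[i] = be32(buf + 4 + (size_t)i * ENTRY_SIZE);
    *nout = count;
    return 0;
}

int main(void)
{
    /* Constructed message: count 0xFFFFFFFF, no entries behind it. */
    const uint8_t huge[4] = { 0xff, 0xff, 0xff, 0xff };
    uint32_t *vals, n;
    return decode_params(huge, sizeof(huge), &vals, &n) == -1 ? 0 : 1;
}
```

Both rejections happen before calloc is reached, so neither an oversized count nor a count larger than the message body can drive the allocation size.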