Libvirt Security Notice: LSN-2013-0011 ====================================== Summary: Invalid free when setting up NBD devices Reported on: 20130903 Published on: 20130903 Fixed on: 20130903 Reported by: Michal Privoznik Patched by: Michal Privoznik See also: CVE-2013-4297 Description ----------- When setup of an NBD device for a container fails the libvirtd daemon could end up free'ing an uninitialized variable. If unlucky this would result in memory corruption or a crash Impact ------ A user with the permission to start LXC guests could cause the libvirtd daemon to crash leading to a denial of service Workaround ---------- Do not configure LXC guests with the NBD backed disks or remove the permission for untrusted users to start LXC guests Affected product ---------------- Name: libvirt Repository: https://gitlab.com/libvirt/libvirt Branch: master Broken in: v1.0.6 Broken in: v1.1.0 Broken in: v1.1.1 Broken in: v1.1.2 Fixed in: v1.1.3 Broken by: 8aabd597b379db5ae1655e36dff4f10d5622830a Fixed by: 2dba0323ff0cec31bdcea9dd3b2428af297401f2 Branch: v1.0.6-maint Broken by: 8aabd597b379db5ae1655e36dff4f10d5622830a Fixed by: b5eab6a98430c742c5ad2a6d6eef5fc81d304d60 Branch: v1.1.0-maint Broken by: 8aabd597b379db5ae1655e36dff4f10d5622830a Fixed by: b312b19149ab70c59ceb898a22adbef4c000e394 Branch: v1.1.1-maint Broken by: 8aabd597b379db5ae1655e36dff4f10d5622830a Fixed by: 28ca8b386cfad3884712582197eeef6db9ed8b9a Branch: v1.1.2-maint Broken by: 8aabd597b379db5ae1655e36dff4f10d5622830a Fixed by: af8952e924921189180ee9f7dcbe6086071525f7