Libvirt Security Notice Index > 2013 > LSN-2013-0016 [xml] [text]

Libvirt Security Notice: LSN-2013-0016

Out of bounds access in bitmap array

Lifecycle

Reported on:	20130816
Published on:	20130816
Fixed on:	20130816

Credits

Reported by:	Peter Krempa
Patched by:	Peter Krempa

Description

When parsing bitmap strings the bounds of the array were not checked when determining if the bit was set. This in turn resulted in the parser later crashing

Impact

A malicious user can cause libvirtd to crash by feeding it data with malformed bitmap strings

Workaround

Prevent untrusted users from accessing the libvirtd daemon

Affected product: libvirt

Branch: master

Broken in:: v0.10.2
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.1.0
v1.1.1
Fixed in:: v1.1.2
Broken by:: 0fc89098a68f0f6962de8be4fc03ddd960ffbf08
Fixed by:: 47b9127e883677a0d60d767030a147450e919a25

Branch: v0.10.2-maint

Broken in:: v0.10.2.1
v0.10.2.2
v0.10.2.3
v0.10.2.4
v0.10.2.5
v0.10.2.6
v0.10.2.7
Fixed in:: v0.10.2.8
Broken by:: 0fc89098a68f0f6962de8be4fc03ddd960ffbf08
Fixed by:: ecad40d8b84864bee4495d1447902a6206a39a4d

Branch: v1.0.0-maint

Broken in:
Fixed in:
Broken by:: 0fc89098a68f0f6962de8be4fc03ddd960ffbf08
Fixed by:

Branch: v1.0.1-maint

Broken in:
Fixed in:
Broken by:: 0fc89098a68f0f6962de8be4fc03ddd960ffbf08
Fixed by:

Branch: v1.0.2-maint

Broken in:
Fixed in:
Broken by:: 0fc89098a68f0f6962de8be4fc03ddd960ffbf08
Fixed by:

Branch: v1.0.3-maint

Broken in:
Fixed in:
Broken by:: 0fc89098a68f0f6962de8be4fc03ddd960ffbf08
Fixed by:

Alternative formats: [xml] [text]

Libvirt Security Notice: LSN-2013-0016

Out of bounds access in bitmap array

Lifecycle

Credits

See also

Description

Impact

Workaround

Affected product: libvirt

Branch: master

Branch: v0.10.2-maint

Branch: v1.0.0-maint

Branch: v1.0.1-maint

Branch: v1.0.2-maint

Branch: v1.0.3-maint

Branch: v1.0.4-maint

Branch: v1.0.5-maint

Branch: v1.0.6-maint

Branch: v1.1.0-maint

Branch: v1.1.1-maint

Contact

Community

Contribute