Libvirt Security Notice: LSN-2017-0001

libvirtd crashes in virConnectGetAllDomainStats with empty cdrom

Lifecycle

Reported on: 20170224
Published on: 20170224
Fixed on: 20170224

Credits

Reported by: Peter Krempa
Patched by: Peter Krempa

See also

Description

When calling the virConnectGetAllDomainStats API on a guest which has a CDROM drive with no media present, libvirtd will crash on a NULL pointer acess

Impact

An application can cause a denial of service by crashing libvirtd if a guest has a CDROM drive with no media

Workaround

Avoid calling the virConnectGetAllDomainStats API, or ensure all CDROM drives have media inserted

Affected product: libvirt

Branch master
Broken in: v3.0.0
Fixed in: v3.1.0
Broken by: c5f6151390ff0a8e65014172bb8c0a8d312c3353
Fixed by: c3de387380f6057ee0e46cd9f2f0a092e8070875
Branch v3.0-maint
Broken by: c5f6151390ff0a8e65014172bb8c0a8d312c3353

Alternative formats: [xml] [text]