FS#42159 - [libvirt] CVE-2014-3633 out-of-bounds read access
Attached to Project:
Community Packages
Opened by Levente Polyak (anthraxx) - Sunday, 28 September 2014, 15:04 GMT
Last edited by Sergej Pupykin (sergej) - Monday, 29 September 2014, 11:02 GMT
Details
Hello,
libvirt <= 1.2.8 is suffering from an out-of-bounds read access [0] in qemuDomainGetBlockIoTune() due to an invalid index. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process. A fix for this flaw has been committed upstream [1] and, e.g., already applied by Debian [2] as 1.2.9 is not yet there.

[0] https://access.redhat.com/security/cve/CVE-2014-3633
[1] http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b
[2] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762203
Closed by Sergej Pupykin (sergej)
Monday, 29 September 2014, 11:02 GMT
Reason for closing: Fixed
Additional comments about closing: patch applied
[0] http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e745e8f775dfe6f64f18b5c2fe4791b35d3546b