Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Wed, 10 Jul 2013 14:28:49 +0200
From: Petr Matousek <pmatouse@...hat.com>
To: oss-security@...ts.openwall.com
Cc: libvirt-security@...hat.com
Subject: [NOT A CVE REQUEST] CVE-2013-2230 -- libvirt: multiple registered
 events crash

A flaw was found in the way multiple events registration were handled in
libvirt qemu driver.

A remote user able to issue commands to libvirt daemon could use this
flaw to crash libvirtd.

Upstream fix:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=f38c8185f97720ecae7ef2291fbaa5d6b0209e17

References:
https://bugzilla.redhat.com/show_bug.cgi?id=981476

Thanks,
-- 
Petr Matousek / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ