Date: Thu, 29 Aug 2013 16:20:00 +0200 From: Petr Matousek <pmatouse@...hat.com> To: oss-security@...ts.openwall.com Cc: libvirt-security@...hat.com Subject: CVE request -- libvirt: virBitmapParse out-of-bounds read access The virBitmapParse function was calling virBitmapIsSet() function that requires the caller to check the bounds of the bitmap without checking them. This resulted into crashes when parsing a bitmap string that was exceeding the bounds used as argument. Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=0fc89098a68f0f6962de8be4fc03ddd960ffbf08 Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=47b9127e883677a0d60d767030a147450e919a25 References: https://bugzilla.redhat.com/show_bug.cgi?id=997367 Thanks, -- Petr Matousek / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.