- CVE-2013-2218: Fix crash listing network interfaces with filters
244e0b8c-CVE-2013-2218.patch OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=277
This commit is contained in:
parent
3a2f8fadaa
commit
1caaf6bb06
54
244e0b8c-CVE-2013-2218.patch
Normal file
54
244e0b8c-CVE-2013-2218.patch
Normal file
@ -0,0 +1,54 @@
|
||||
commit 244e0b8cf15ca2ef48d82058e728656e6c4bad11
|
||||
Author: Daniel P. Berrange <berrange@redhat.com>
|
||||
Date: Fri Jun 28 13:21:33 2013 +0100
|
||||
|
||||
Crash of libvirtd by unprivileged user in virConnectListAllInterfaces
|
||||
|
||||
On Thu, Jun 27, 2013 at 03:56:42PM +0100, Daniel P. Berrange wrote:
|
||||
> Hi Security Team,
|
||||
>
|
||||
> I've discovered a way for an unprivileged user with a readonly connection
|
||||
> to libvirtd, to crash the daemon.
|
||||
|
||||
Ok, the final patch for this is issue will be the simpler variant that
|
||||
Eric suggested
|
||||
|
||||
The embargo can be considered to be lifted on Monday July 1st, at
|
||||
0900 UTC
|
||||
|
||||
The following is the GIT change that DV or myself will apply to libvirt
|
||||
GIT master immediately before the 1.1.0 release:
|
||||
|
||||
>From 177b4165c531a4b3ba7f6ab6aa41dca9ceb0b8cf Mon Sep 17 00:00:00 2001
|
||||
From: "Daniel P. Berrange" <berrange@redhat.com>
|
||||
Date: Fri, 28 Jun 2013 10:48:37 +0100
|
||||
Subject: [PATCH] CVE-2013-2218: Fix crash listing network interfaces with
|
||||
filters
|
||||
|
||||
The virConnectListAllInterfaces method has a double-free of the
|
||||
'struct netcf_if' object when any of the filtering flags cause
|
||||
an interface to be skipped over. For example when running the
|
||||
command 'virsh iface-list --inactive'
|
||||
|
||||
This is a regression introduced in release 1.0.6 by
|
||||
|
||||
commit 7ac2c4fe624f30f2c8270116513fa2ddab07631f
|
||||
Author: Guannan Ren <gren@redhat.com>
|
||||
Date: Tue May 21 21:29:38 2013 +0800
|
||||
|
||||
interface: list all interfaces with flags == 0
|
||||
|
||||
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
|
||||
|
||||
Index: libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
===================================================================
|
||||
--- libvirt-1.0.6.orig/src/interface/interface_backend_netcf.c
|
||||
+++ libvirt-1.0.6/src/interface/interface_backend_netcf.c
|
||||
@@ -365,6 +365,7 @@ netcfConnectListAllInterfaces(virConnect
|
||||
(MATCH(VIR_CONNECT_LIST_INTERFACES_INACTIVE) &&
|
||||
(status & NETCF_IFACE_INACTIVE)))) {
|
||||
ncf_if_free(iface);
|
||||
+ iface = NULL;
|
||||
continue;
|
||||
}
|
||||
|
@ -1,3 +1,9 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 1 09:25:41 MDT 2013 - jfehlig@suse.com
|
||||
|
||||
- CVE-2013-2218: Fix crash listing network interfaces with filters
|
||||
244e0b8c-CVE-2013-2218.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 11 10:36:17 MDT 2013 - jfehlig@suse.com
|
||||
|
||||
|
@ -407,6 +407,7 @@ Source1: libvirtd.init
|
||||
Source2: libvirtd-relocation-server.fw
|
||||
Source99: baselibs.conf
|
||||
# Upstream patches
|
||||
Patch0: 244e0b8c-CVE-2013-2218.patch
|
||||
# Need to go upstream
|
||||
Patch100: xen-name-for-devid.patch
|
||||
Patch101: clone.patch
|
||||
@ -874,6 +875,7 @@ of recent versions of Linux (and other OSes).
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch100 -p1
|
||||
%patch101
|
||||
%patch102 -p1
|
||||
|
Loading…
Reference in New Issue
Block a user