[PATCH] NEWS: Mention fix for CVE-2024-8235

Peter Krempa posted 1 patch 3 weeks ago
[PATCH] NEWS: Mention fix for CVE-2024-8235
Posted by Peter Krempa 3 weeks ago
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 NEWS.rst | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/NEWS.rst b/NEWS.rst
index 9234e70590..755f51d5b7 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,18 @@ v10.7.0 (unreleased)

 * **Security**

+  * CVE-2024-8235: Crash of ``virtinterfaced`` via ``virConnectListInterfaces()``
+
+    A refactor of the code fetching the list of interfaces for multiple APIs
+    introduced corner case on platforms where allocating 0 bytes of memory
+    results in a NULL pointer.
+
+    This corner case would lead to a NULL-pointer dereference and subsequent
+    crash of ``virtinterfaced`` if ``virConnectListInterfaces()`` is called
+    requesting 0 networks to be filled.
+
+    The bug was introduced in libvirt-10.4.0
+
 * **Removed features**

 * **New features**
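
Review bot: "requesting 0 networks to be filled" in the second added paragraph names the wrong object. The entry title cites ``virConnectListInterfaces()`` and the first paragraph speaks of "the list of interfaces", so this should read "requesting 0 interfaces to be filled"; as written, a reader scanning for the trigger condition could take it to concern a different API.
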
-- 
2.46.0
Re: [PATCH] NEWS: Mention fix for CVE-2024-8235
Posted by Jiri Denemark 3 weeks ago
On Thu, Aug 29, 2024 at 11:04:15 +0200, Peter Krempa wrote:
> Signed-off-by: Peter Krempa <pkrempa@redhat.com>
> ---
>  NEWS.rst | 12 ++++++++++++
>  1 file changed, 12 insertions(+)
> 
> diff --git a/NEWS.rst b/NEWS.rst
> index 9234e70590..755f51d5b7 100644
> --- a/NEWS.rst
> +++ b/NEWS.rst
> @@ -13,6 +13,18 @@ v10.7.0 (unreleased)
> 
>  * **Security**
> 
> +  * CVE-2024-8235: Crash of ``virtinterfaced`` via ``virConnectListInterfaces()``
> +
> +    A refactor of the code fetching the list of interfaces for multiple APIs
> +    introduced corner case on platforms where allocating 0 bytes of memory
> +    results in a NULL pointer.
> +
> +    This corner case would lead to a NULL-pointer dereference and subsequent
> +    crash of ``virtinterfaced`` if ``virConnectListInterfaces()`` is called
> +    requesting 0 networks to be filled.
> +
> +    The bug was introduced in libvirt-10.4.0
> +
>  * **Removed features**
> 
>  * **New features**
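
Review bot: Two wording nits in the added text. "introduced corner case" in the first paragraph is missing its article ("introduced a corner case"), and the closing sentence "The bug was introduced in libvirt-10.4.0" has no final period, unlike the two paragraphs above it.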

Reviewed-by: Jiri Denemark <jdenemar@redhat.com>