NEWS.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+)
Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
NEWS.rst | 12 ++++++++++++
1 file changed, 12 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 9234e70590..755f51d5b7 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,18 @@ v10.7.0 (unreleased)
* **Security**
+ * CVE-2024-8235: Crash of ``virtinterfaced`` via ``virConnectListInterfaces()``
+
+ A refactor of the code fetching the list of interfaces for multiple APIs
+ introduced corner case on platforms where allocating 0 bytes of memory
+ results in a NULL pointer.
+
+ This corner case would lead to a NULL-pointer dereference and subsequent
+ crash of ``virtinterfaced`` if ``virConnectListInterfaces()`` is called
+ requesting 0 networks to be filled.
+
+ The bug was introduced in libvirt-10.4.0
+
* **Removed features**
* **New features**
--
2.46.0
On Thu, Aug 29, 2024 at 11:04:15 +0200, Peter Krempa wrote: > Signed-off-by: Peter Krempa <pkrempa@redhat.com> > --- > NEWS.rst | 12 ++++++++++++ > 1 file changed, 12 insertions(+) > > diff --git a/NEWS.rst b/NEWS.rst > index 9234e70590..755f51d5b7 100644 > --- a/NEWS.rst > +++ b/NEWS.rst > @@ -13,6 +13,18 @@ v10.7.0 (unreleased) > > * **Security** > > + * CVE-2024-8235: Crash of ``virtinterfaced`` via ``virConnectListInterfaces()`` > + > + A refactor of the code fetching the list of interfaces for multiple APIs > + introduced corner case on platforms where allocating 0 bytes of memory > + results in a NULL pointer. > + > + This corner case would lead to a NULL-pointer dereference and subsequent > + crash of ``virtinterfaced`` if ``virConnectListInterfaces()`` is called > + requesting 0 networks to be filled. > + > + The bug was introduced in libvirt-10.4.0 > + > * **Removed features** > > * **New features** Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
© 2016 - 2024 Red Hat, Inc.