Bug 837531 (CVE-2013-4292) - VUL-0: CVE-2013-4292: libvirt: Unbounded RPC arrays in remote protocol
Summary: VUL-0: CVE-2013-4292: libvirt: Unbounded RPC arrays in remote protocol
Status: RESOLVED FIXED
Alias: CVE-2013-4292
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-29 14:21 UTC by Marcus Meissner
Modified: 2015-03-05 13:43 UTC (History)
4 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2013-08-29 14:21:16 UTC 
is public from libvirt


http://www.mail-archive.com/libvir-list@redhat.com/msg83332.html

From: "Daniel P. Berrange" <berra...@redhat.com>

The parameters for the virDomainMigrate*Params RPC calls were
not bounds checks, meaning a malicious client can cause libvirtd
to consume arbitrary memory


This issue was introduced in the 1.1.0 release of libvirt

CVE-2013-4292


So I think this does not cover older SLE / openSUSE versions execpt factory.
Comment 1 James Fehlig 2013-08-29 16:39:27 UTC 
libvirt 1.1.2, which will contain a fix for this issue, will be released early next week.  I'll update Factory then, instead of wasting time backporting patches to 1.1.1
Comment 2 Swamp Workflow Management 2013-08-29 22:00:38 UTC 
bugbot adjusting priority
Comment 3 James Fehlig 2013-09-04 04:22:44 UTC 
libvirt 1.1.2 submitted to Factory, SR#197361.
Comment 4 Bernhard Wiedemann 2013-09-04 05:00:19 UTC 
This is an autogenerated message for OBS integration:
This bug (837531) was mentioned in
https://build.opensuse.org/request/show/197361 Factory / libvirt
Comment 5 Alexander Bergmann 2013-09-20 15:36:40 UTC 
Closing bug as only Factory was affected and already fixed.