On 08/05/2013 10:39 AM, Jim Fehlig wrote:
Commit 632180d1 introduced memory corruption in
xenDaemonListDefinedDomains
by starting to populate the names array at index -1, causing all sorts
of havoc in libvirtd such as aborts like the following
*** Error in `/usr/sbin/libvirtd': double free or corruption (out):
0x00007fffe00ccf20 ***
This has been assigned CVE-2013-4239 (a read-only client can crash or
otherwise interfere with read-write clients). v1.1.1 is the only
impacted release, and only if you compiled with xen support; and
v1.1.1-maint already includes the backport of this patch. Thanks again
for a quick fix.
--
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library
http://libvirt.org