Bug 968306 (CVE-2013-2124)
| Summary: | CVE-2013-2124 libguestfs: DoS (abort) due to a double free flaw when inspecting certain guest files / images | ||
|---|---|---|---|
| Product: | [Other] Security Response | Reporter: | Jan Lieskovsky <jlieskov> |
| Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
| Status: | CLOSED NOTABUG | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | unspecified | CC: | leiwang, mbooth, rjones, virt-maint, wshi |
| Target Milestone: | --- | Keywords: | Security |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2015-07-29 13:18:22 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 968315, 968337, 968341 | ||
| Bug Blocks: | |||
|
Description
Jan Lieskovsky
2013-05-29 12:33:52 UTC
This issue did NOT affect the version of the libguestfs package, as shipped with Red Hat Enterprise Linux 6. -- This issue did NOT affect the version of the libguestfs package, as shipped with Fedora release of 17. This issue (previously) affected the version of the libguestfs package, as shipped with Fedora release of 18. Version libguestfs-1.20.7-1.fc18 has been released (into the -testing branch) already to correct this problem. -- This issue affects the version of the libguestfs package, as shipped with Fedora EPEL-5. Please schedule an update. Created libguestfs tracking bugs for this issue Affects: epel-5 [bug 968315] Statement: Not vulnerable. This issue did not affect the version of libguestfs as shipped with Red Hat Enterprise Linux 6 as it did not include the upstream commit 5a3da366268825b26b470cde35658b67c1d11cd4 that introduced this issue. Fedora 17 is not affected. Fedora 18 is affected, fixed in this package: https://admin.fedoraproject.org/updates/libguestfs-1.20.7-1.fc18 Fedora 19 is affected, fixed in this package: https://admin.fedoraproject.org/updates/libguestfs-1.22.1-1.fc19 RHEL 6.4 is not affected. RHEL 6.5 is going to be rebased (bug 958183) but we've not been able to commit that yet because we're waiting for some acks. Will clone this bug to make sure the fix isn't forgotten. RHEL 7 would be affected, but we are planning to rebase to 1.22.x (x >= 1) soon anyway. Will clone the bug for RHEL 7. This has been assigned CVE-2013-2124 as per: http://www.openwall.com/lists/oss-security/2013/05/29/8 Further commits required: https://github.com/libguestfs/libguestfs/commit/ae8bb84ecd46d7b6ef557a87725923ac8d09dce0 https://github.com/libguestfs/libguestfs/commit/1c9dfd079aa6d7893f72c5fd17656c847f72c8d6 Still working on this ... OK I think we're all done upstream. The complete fix requires the following commits: https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd https://github.com/libguestfs/libguestfs/commit/ae8bb84ecd46d7b6ef557a87725923ac8d09dce0 https://github.com/libguestfs/libguestfs/commit/1c9dfd079aa6d7893f72c5fd17656c847f72c8d6 It will be fixed upstream in >= 1.20.8, >= 1.22.2, >= 1.23.2. |