The network interface name in Linux is defined to be of size IFNAMSIZ(=16), including the terminating null('\0') byte. The same is applied to interface names read from 'bridge.conf' file to form ACL rules. If user supplied '--br=bridge' name is not restricted to the same length, it could lead to ACL bypass issue. Restrict interface name to IFNAMSIZ, including null byte. Upstream Issue: https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg00245.html
Created qemu tracking bugs for this issue: Affects: epel-7 [bug 1729960] Affects: fedora-all [bug 1729959]
Hi I think the CVE id ist a typo and it should be CVE-2019-13164? The later is already mentioned in https://www.openwall.com/lists/oss-security/2019/07/02/2 and refers to https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg00245.html. Regards, Salvatore
(In reply to Salvatore Bonaccorso from comment #2) > Hi > > I think the CVE id ist a typo and it should be CVE-2019-13164? The later is > already mentioned in > https://www.openwall.com/lists/oss-security/2019/07/02/2 and refers to > https://lists.gnu.org/archive/html/qemu-devel/2019-07/msg00245.html. Respective Red Hat Bugzilla entry is at: https://bugzilla.redhat.com/show_bug.cgi?id=1722559 Regards, Salvatore
Hi Salvatore, Setting correct needinfo, so that one of analyst working on this can review and reply. Regards YOG.
Hi, I've just removed the CVE-2019-13164 alias from this bug as it was incorrectly assigned. There was a typo on a debian communication, which led to the creation of this wrong bug. The right CVE is CVE-2019-13164. Hope this helps.
*** This bug has been marked as a duplicate of bug 1722559 ***