Red Hat Bugzilla – Bug 996241
CVE-2013-4239 libvirt: memory corruption in xenDaemonListDefinedDomains function
Last modified: 2015-10-15 16:43:24 EDT
Commit 632180d1 introduced memory corruption in xenDaemonListDefinedDomains() by starting to populate the names array at index -1, causing all sorts of havoc in libvirtd such as aborts like the following
*** Error in `/usr/sbin/libvirtd': double free or corruption (out): 0x00007fffe00ccf20 ***
The xenDaemonListDefinedDomains() function is reached by the virConnectListDefinedDomains() public API, which can be used on read-only connections.
Created libvirt tracking bugs for this issue:
Affects: fedora-all [bug 996244]
This issue did not affect the versions of libvirt package as shipped with Red Hat Enterprise Linux 5 and 6.
This was assigned CVE-2013-4239: