A potential invalid free (uninialized variable) flaw was found in virFileNBDDeviceAssociate function in libvirt. A remote user able to issue commands to libvirt daemon could use this flaw to crash libvirtd. Introduced by: http://libvirt.org/git/?p=libvirt.git;a=commit;h=8aabd597b379db5ae1655e36dff4f10d5622830a Upstream fix: http://libvirt.org/git/?p=libvirt.git;a=commit;h=2dba0323ff0cec31bdcea9dd3b2428af297401f2
Statement: Not vulnerable. This issue did not affect the versions of libvirt package as shipped with Red Hat Enterprise Linux 5 and 6.
Created libvirt tracking bugs for this issue: Affects: fedora-all [bug 1006511]
libvirt-1.1.3-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.