Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2024-1441

Published: 11 March 2024

An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.

Notes

AuthorNote
sbeattie
introduced in 5a33366f5c ("interface: add udev based
backend for virInterface") and d6064e2759 ("libvirt-<module>:
Check caller-provided buffers to be NULL with size > 0")

Priority

Medium

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian
bionic Needs triage

focal Needs triage

jammy Needs triage

mantic Needs triage

trusty Needs triage

upstream Needs triage

xenial Needs triage

Patches:
upstream: https://gitlab.com/libvirt/libvirt/-/commit/c664015fe3a7bf59db26686e9ed69af011c6ebb8