Source: qemu, qemu-kvm
Version: 1.1.2+dfsg-2
Severity: important
Tags: upstream patch
The qcow2 block driver has a memory handling bug in its refcount table handling: block/qcow2-refcount.c:alloc_refcount_block() allocates too small a buffer, which is then used further down the line, resulting in memory corruption.

The easiest reproducer/verifier is:

  qemu-img create -f qcow2 -o cluster_size=512,preallocation=metadata disk.img 4G

This aborts after glibc detects a double free or memory corruption.

Upstream bug report: https://bugs.launchpad.net/qemu/+bug/1071236
Patch: http://www.mail-archive.com/[email protected]/msg138606.html

The issue affects not only the qemu-img utility, but the actual block drivers in qemu (and qemu-kvm).
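To show why this buffer is easy to undersize: the refcount table and refcount blocks occupy clusters that themselves need refcounts, so the table size has to be computed to a fixed point and checked before the buffer is written. The following is an added illustration, not qemu's own code; it assumes qcow2 v2 layout (8-byte table entries, 16-bit refcounts) and takes the number of clusters already in use (header, L1/L2 tables, data) as input.

```c
/* Illustrative qcow2 refcount-table sizing (not qemu's implementation). */
#include <stdint.h>
#include <stdio.h>

#define REFTABLE_ENTRY_SIZE 8   /* bytes per refcount table entry (cluster offset) */
#define REFCOUNT_SIZE       2   /* bytes per refcount: qcow2 v2 uses 16-bit counts */

static uint64_t div_round_up(uint64_t a, uint64_t b)
{
    return (a + b - 1) / b;
}

/* Number of refcount table entries (one per refcount block) needed to cover
 * used_clusters plus the refcount metadata itself. Because adding blocks can
 * grow the table, which in turn needs more refcounts, iterate to a fixed point. */
uint64_t refcount_table_entries(uint64_t used_clusters, uint64_t cluster_size)
{
    uint64_t refs_per_block = cluster_size / REFCOUNT_SIZE;        /* clusters per refcount block */
    uint64_t entries_per_table_cluster = cluster_size / REFTABLE_ENTRY_SIZE;
    uint64_t blocks = div_round_up(used_clusters, refs_per_block);  /* ignores metadata */

    for (;;) {
        uint64_t table_clusters = div_round_up(blocks, entries_per_table_cluster);
        uint64_t total = used_clusters + table_clusters + blocks;   /* everything needing a refcount */
        uint64_t needed = div_round_up(total, refs_per_block);
        if (needed == blocks) {
            return blocks;   /* stable: the table describes its own metadata too */
        }
        blocks = needed;     /* monotone growth, so this terminates */
    }
}

/* Invariant to check before writing into a refcount-table buffer of
 * table_entries entries: it must hold one entry per block actually referenced.
 * A buffer sized without the metadata term fails this check. */
int table_covers(uint64_t table_entries, uint64_t used_clusters, uint64_t cluster_size)
{
    return table_entries >= refcount_table_entries(used_clusters, cluster_size);
}

int main(void)
{
    /* The reporter's case: 4 GiB of data with 512-byte clusters = 8388608 clusters. */
    uint64_t used = (4ULL << 30) / 512;
    printf("entries without metadata: %llu\n", (unsigned long long)div_round_up(used, 256));
    printf("entries at fixed point:   %llu\n", (unsigned long long)refcount_table_entries(used, 512));
    return 0;
}
```

With 512-byte clusters the naive count (32768 entries) falls short of the stable count, which is exactly the class of miscalculation that leaves a too-small buffer to be overrun later.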

