Bug#1070330: [Pkg-libvirt-maintainers] Bug#1070330: libvirt: CVE-2024-4418: stack use-after-free in virNetClientIOEventLoop()
Hi Guido, On Fri, May 03, 2024 at 09:47:30PM +0200, Guido Günther wrote: > control: -1 +pending > > Hi, > On Fri, May 03, 2024 at 09:10:23PM +0200, Salvatore Bonaccorso wrote: > > Source: libvirt > > Version: 10.2.0-1 > > Severity: important > > Tags: security upstream > > X-Debbugs-Cc: car...@debian.org, Debian Security Team > > > > > > Hi, > > > > The following vulnerability was published for libvirt. > > > > CVE-2024-4418[0]: > > | stack use-after-free in virNetClientIOEventLoop() > > > > > > If you fix the vulnerability please also make sure to include the > > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > See https://salsa.debian.org/libvirt-team/libvirt/-/merge_requests/220 Ah, very nice. Thanks! Regards, Salvatore
Bug#1070330: [Pkg-libvirt-maintainers] Bug#1070330: libvirt: CVE-2024-4418: stack use-after-free in virNetClientIOEventLoop()
control: -1 +pending Hi, On Fri, May 03, 2024 at 09:10:23PM +0200, Salvatore Bonaccorso wrote: > Source: libvirt > Version: 10.2.0-1 > Severity: important > Tags: security upstream > X-Debbugs-Cc: car...@debian.org, Debian Security Team > > > Hi, > > The following vulnerability was published for libvirt. > > CVE-2024-4418[0]: > | stack use-after-free in virNetClientIOEventLoop() > > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. See https://salsa.debian.org/libvirt-team/libvirt/-/merge_requests/220 Cheers, -- Guido > > For further information see: > > [0] https://security-tracker.debian.org/tracker/CVE-2024-4418 > https://www.cve.org/CVERecord?id=CVE-2024-4418 > [1] https://bugzilla.redhat.com/show_bug.cgi?id=2278616 > [2] > https://gitlab.com/libvirt/libvirt/-/commit/8074d64dc2eca846d6a61efe1a9b7428a0ce1dd1 > > Please adjust the affected versions in the BTS as needed. > > Regards, > Salvatore > > ___ > Pkg-libvirt-maintainers mailing list > pkg-libvirt-maintain...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-libvirt-maintainers >
Bug#1070330: libvirt: CVE-2024-4418: stack use-after-free in virNetClientIOEventLoop()
Source: libvirt Version: 10.2.0-1 Severity: important Tags: security upstream X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for libvirt. CVE-2024-4418[0]: | stack use-after-free in virNetClientIOEventLoop() If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2024-4418 https://www.cve.org/CVERecord?id=CVE-2024-4418 [1] https://bugzilla.redhat.com/show_bug.cgi?id=2278616 [2] https://gitlab.com/libvirt/libvirt/-/commit/8074d64dc2eca846d6a61efe1a9b7428a0ce1dd1 Please adjust the affected versions in the BTS as needed. Regards, Salvatore
