Displaying 3 results from an estimated 3 matches for "0x65da50".
2013 May 30
0
Re: ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0
....
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff69deae2 in __strlen_sse2 () from /lib64/libc.so.6
(gdb) bt
#0 0x00007ffff69deae2 in __strlen_sse2 () from /lib64/libc.so.6
#1 0x00007ffff69de7e6 in strdup () from /lib64/libc.so.6
#2 0x00007ffff7b7936c in guestfs___safe_strdup (g=0x65da50, str=0x0) at alloc.c:96
#3 0x00007ffff7b8b65e in parse_suse_release (filename=<optimized out>, fs=<optimized out>, g=<optimized out>) at inspect-fs-unix.c:343
#4 guestfs___check_linux_root (g=0x65da50, fs=0x6665b0) at inspect-fs-unix.c:560
#5 0x00007ffff7b88522 in check_filesys...
2013 May 28
6
ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0
There's a denial of service attack possible from guests on any program
that does inspection (e.g. virt-inspector, many other virt-* tools,
virt-v2v, OpenStack).
The attack causes the host process to crash because of a double free.
It's probably not exploitable (definitely not on Fedora because of the
default memory hardening settings).
This patch contains the fix and a reproducer:
2013 May 31
1
Re: ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0
On Fri, May 31, 2013 at 01:03:24AM +0200, Olaf Hering wrote:
> #2 0x00007ffff7b7936c in guestfs___safe_strdup (g=0x65da50, str=0x0) at alloc.c:96
> #3 0x00007ffff7b8b65e in parse_suse_release (filename=<optimized out>, fs=<optimized out>, g=<optimized out>) at inspect-fs-unix.c:343
This is a different problem:
lines = guestfs_head_n (g, 10, filename);
if (lines == NULL)
return -1;
/*...