Displaying 20 results from an estimated 3000 matches similar to: "FYI: CVE-2018-11806 Qemu: slirp: heap buffer overflow while reassembling fragmented datagrams"
2019 Nov 07
0
Re: Where can I find the slirp-helper?
Hi Han,
The slirp-helper is a helper program provided in libslirp rust bindings. It
seems that you need to build it yourself ATM.
git clone https://gitlab.freedesktop.org/slirp/libslirp-rs.git
> cd libslirp-rs
> cargo build --bin slirp-helper --features=all
>
Han Han <hhan@redhat.com> 於 2019年11月7日 週四 下午2:01寫道:
> For the libvirt 5.8 release, I find that there is a new comment
2019 Nov 07
2
Where can I find the slirp-helper?
For the libvirt 5.8 release, I find that there is a new comment in
qemu.conf:
#slirp_helper = "/usr/bin/slirp-helper"
It indicates that there is a slirp-helper to help setup slirp network. But
I cannot
find it even after I built the latest qemu(v4.1.0-1378-g98b2e3c9ab) and
libvirt
(v5.9.0-rc1-2-g73f91d659b).
Could you please tell me where I can find that helper program?
Thanks
--
2007 Feb 09
3
? has mib:::udp[In/Out]Datagrams been superceded by mib:::udpHC[In/Out]Datagrams
Hi,
Looking at some udp stuff on snv_57, and I noticed that
mib:::udpInDatagrams no longer exists, has this been superceded by
mib:::udpHCInDatagrams?
From my understanding they represent the same counter, but I''m asking
in case this is a bug. I noticed that there is still a reference to
udpInDatagrams in the DTrace testsuite.
- Fintan
2007 May 14
0
[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
==========================================================
==
== Subject: Multiple Heap Overflows Allow Remote
== Code Execution
== CVE ID#: CVE-2007-2446
==
== Versions: Samba 3.0.0 - 3.0.25rc3 (inclusive)
==
== Summary: Various bugs in Samba's NDR parsing
== can allow a user to send specially
==
2007 Sep 25
0
Bug#444007: CVE-2007-1320 multiple heap based buffer overflows
Package: xen-3.0
Version: 3.0.3-0-2
Severity: grave
Tags: security
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for xen-3.0.
CVE-2007-1320[0]:
| Multiple heap-based buffer overflows in the cirrus_invalidate_region
| function in the Cirrus VGA extension in QEMU 0.8.2 might allow local
| users to execute arbitrary code via unspecified vectors related to
|
2007 May 14
0
[SAMBA-SECURITY] CVE-2007-2446: Multiple Heap Overflows Allow Remote Code Execution
Spam detection software, running on the system "mail.montanhydraulik.com", has
identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn't spam) or label
similar future email. If you have any questions, see
postmaster for details.
Content preview: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
2020 Feb 20
0
buffer overflow detected in collectd using libguestfs
We have extended collectd virt plugin to extract info about disk usage from
a libvirt domain using libguestfs.
We have had several issues with it which were raised here in 2018 by Peter
Dimitrov.
Currently the collectd plugin works fine and retrieves the required
statistics. Current collectd configuration says that interval of reading
statistics (interval of calling all plugins read functions) is
2018 Dec 06
0
[PATCH v2] Revert "launch: libvirt: Use qemu-bridge-helper to implement a full network (RHBZ#1148012)."
We've been carrying this exact patch in RHEL 7 for several years. It
reverts the change made in 2014 where we switched to using the virbr0
bridge for libguestfs networking instead of SLIRP. We thought SLIRP
was going to become unsupported in qemu, but recently there have been
more encouraging signs since it looks like SLIRP will be spun off as a
separate project, running as a modular process
2008 Jul 03
0
[PATCH] xen/netfront: Avoid unaligned accesses to IP datagrams.
Align ip header to a 16 byte boundary.
This patch eliminates noisy warnings on IA64.
Signed-off-by: Isaku Yamahata <yamahata at valinux.co.jp>
---
drivers/net/xen-netfront.c | 5 ++++-
1 files changed, 4 insertions(+), 1 deletions(-)
diff --git a/drivers/net/xen-netfront.c b/drivers/net/xen-netfront.c
index 44aed80..2724688 100644
--- a/drivers/net/xen-netfront.c
+++
2019 Jan 07
1
Re: [PATCH v2] Revert "launch: libvirt: Use qemu-bridge-helper to implement a full network (RHBZ#1148012)."
On Thursday, 6 December 2018 16:47:32 CET Richard W.M. Jones wrote:
> We've been carrying this exact patch in RHEL 7 for several years. It
> reverts the change made in 2014 where we switched to using the virbr0
> bridge for libguestfs networking instead of SLIRP. We thought SLIRP
> was going to become unsupported in qemu, but recently there have been
> more encouraging signs
2023 Aug 04
0
[PATCH RFC net-next v5 03/14] af_vsock: support multi-transport datagrams
On Thu, Aug 03, 2023 at 06:58:24PM +0000, Bobby Eshleman wrote:
>On Thu, Aug 03, 2023 at 02:42:26PM +0200, Stefano Garzarella wrote:
>> On Thu, Aug 03, 2023 at 12:53:22AM +0000, Bobby Eshleman wrote:
>> > On Wed, Aug 02, 2023 at 10:24:44PM +0000, Bobby Eshleman wrote:
>> > > On Sun, Jul 23, 2023 at 12:53:15AM +0300, Arseniy Krasnov wrote:
>> > > >
2016 Aug 29
2
Re: guestfs_launch gets stuck
Thanks Rich.
I have used libguestfs for several month. It worked perfectly before, the
issue appears recently. I am trying guestfs_set_backend (g, "direct").
Thanks,
Allen
2016-08-29 23:31 GMT+08:00 Richard W.M. Jones <rjones@redhat.com>:
> On Mon, Aug 29, 2016 at 11:19:04PM +0800, Baochuan Wu wrote:
> > Thanks Rich for you quick reply. I enabled logs and the program
2016 Dec 12
0
Re: libguestfs error: bridge 'virbr0' not found
Sorry, I didn't see this email yesterday.
On Sun, Dec 11, 2016 at 11:25:12AM +0200, Shahar Havivi wrote:
> Hey,
>
> I am getting this error after using virt-v2v-copy-to-local and trying to
> run:
> $ virt-v2v -i libvirtxml rhel7.xml -o local -os /var/tmp -of raw
>
> I try to set:
> export LIBGUESTFS_BACKEND_SETTINGS=virbr0=ovirtmgmt
The syntax is wrong, it should
2016 Sep 05
0
Re: guestfs_launch gets stuck
Hi Rich,
I spend several days on this issue but still cannot figure out the root
cause. Sometimes, guestfs_lauch() gets stuck, sometimes, it is ok.
I reproduced this issue using guestfish:
-bash-4.2# guestfish
Welcome to guestfish, the guest filesystem shell for
editing virtual machine filesystems and disk images.
Type: 'help' for help on commands
'man' to read the manual
2019 Jul 18
0
Re: domain xml questions
On Thu, Jul 18, 2019 at 10:39:09AM +0300, Vasiliy Tolstov wrote:
> Hi!
> If i want to use bridged network or openvswitch, does guestfwd only
> works with slirp network? Or how it work in case of using
> bridge/openvswitch?
It is only supported with type=user (aka slirp) networking.
> <devices>
> <channel type='unix'>
> <source mode='bind'
2019 Jul 18
2
domain xml questions
Hi!
If i want to use bridged network or openvswitch, does guestfwd only
works with slirp network? Or how it work in case of using
bridge/openvswitch?
<devices>
<channel type='unix'>
<source mode='bind' path='/tmp/guestfwd'/>
<target type='guestfwd' address='10.0.2.1' port='4600'/>
</channel>
</devices>
2017 Oct 27
1
[Bug 13105] New: 1byte heap overflow in sanitize_path
https://bugzilla.samba.org/show_bug.cgi?id=13105
Bug ID: 13105
Summary: 1byte heap overflow in sanitize_path
Product: rsync
Version: 3.1.3
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: core
Assignee: wayned at samba.org
Reporter:
2009 May 21
0
FYI: ntpd, CVE-2009-1252, remote code execution with enabled Autokey authentication
For those who are running Autokey with stock NTPD:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1252
http://www.freebsd.org/cgi/query-pr.cgi?pr=134787
For users of net/ntp:
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/134755
http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/134756
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'`
2012 Jun 14
0
FYI: CVE-2012-2690: virt-edit / guestfish edit didn't preserve permissions on edited files.
Old versions of both virt-edit and the guestfish "edit" command
created a new file containing the changes but did not set the
permissions, etc of the new file to match the old one. The result of
this was that if you edited a security sensitive file such as
"/etc/shadow" then it would be left world-readable after the edit.
This issue was assigned CVE-2012-2690, and is fixed in
2017 Oct 31
0
[Bug 13113] New: receive_xattr heap overflow when prepending RSYNC_PREFIX
https://bugzilla.samba.org/show_bug.cgi?id=13113
Bug ID: 13113
Summary: receive_xattr heap overflow when prepending
RSYNC_PREFIX
Product: rsync
Version: 3.1.3
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: core
Assignee: wayned