Bug 258777 (CVE-2009-0036)

Summary:	app-emulation/libvirt libvirt_proxy privilege escalation (CVE-2009-0036)
Product:	Gentoo Security	Reporter:	Robert Buchholz (RETIRED) <rbu>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	trivial	CC:	marineam, ramereth, virtualization, xen
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:	~1 [noglsa]
Package list:		Runtime testing required:	---

Description Robert Buchholz (RETIRED) gentoo-dev

2009-02-12 20:27:15 UTC

CVE-2009-0036 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-0036):
  Buffer overflow in the proxyReadClientSocket function in
  proxy/libvirt_proxy.c in libvirt_proxy 0.5.1 might allow local users
  to gain privileges by sending a portion of the header of a
  virProxyPacket packet, and then sending the remainder of the packet
  with crafted values in the header, related to use of uninitialized
  memory in a validation check.

Comment 1 Doug Goldstein (RETIRED) gentoo-dev

2009-06-09 13:37:32 UTC

Oldest version in the tree is 0.6.3. Looking for feedback from the security team.

Comment 2 Diego Elio Pettenò (RETIRED) gentoo-dev

2009-12-23 17:02:18 UTC

Sorry for the mis-reassignment.

But since we don't have stable for libvirt, and we don't have that version around for a looong time, can we just close this up?

Thanks.

Comment 3 Alex Legler (RETIRED) archtester

2009-12-23 17:07:55 UTC

libvirt 0.7.2, the oldest version in the tree has the patch [0] applied.
Closing noglsa.

[0] https://www.redhat.com/archives/libvir-list/2009-January/msg00699.html