| Summary: | <app-emulation/libvirt-10.1.0: off-by-one error in udevListInterfacesByStatus() | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Michal Prívozník <michal.privoznik> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | UNCONFIRMED --- | ||
| Severity: | normal | CC: | michal.privoznik |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://gitlab.com/libvirt/libvirt/-/commit/c664015fe3a7bf59db26686e9ed69af011c6ebb8 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
|
Description
Michal Prívozník
2024-04-13 19:58:24 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ae3831574e5c8344213c231e4b03acbb899f7fec commit ae3831574e5c8344213c231e4b03acbb899f7fec Author: Michal Privoznik <michal.privoznik@gmail.com> AuthorDate: 2024-04-13 18:49:27 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-04-14 00:41:52 +0000 app-emulation/libvirt: Backport fix for CVE-2024-1441 The fix made it into app-emulation/libvirt-10.1.0 release. Backport the fix into anything older. https://nvd.nist.gov/vuln/detail/CVE-2024-1441 Bug: https://bugs.gentoo.org/929965 Signed-off-by: Michal Privoznik <michal.privoznik@gmail.com> Signed-off-by: Sam James <sam@gentoo.org> ...y-one-error-in-udevListInterfacesByStatus.patch | 42 ++++++++++++++++++++++ app-emulation/libvirt/libvirt-10.0.0-r1.ebuild | 1 + app-emulation/libvirt/libvirt-9.8.0-r1.ebuild | 1 + app-emulation/libvirt/libvirt-9.9.0-r1.ebuild | 1 + 4 files changed, 45 insertions(+) |
