Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 372963 (CVE-2011-1486) - <app-emulation/libvirt-0.9.0: DOS (CVE-2011-1486)
Summary: <app-emulation/libvirt-0.9.0: DOS (CVE-2011-1486)
Status: RESOLVED FIXED
Alias: CVE-2011-1486
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B4 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2011-06-25 12:25 UTC by GLSAMaker/CVETool Bot
Modified: 2012-02-27 22:32 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description GLSAMaker/CVETool Bot gentoo-dev 2011-06-25 12:25:13 UTC
CVE-2011-1486 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1486):
  libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting,
  which allows remote attackers to cause a denial of service (crash) by
  causing multiple threads to report errors at the same time.


Please punt the older versions.
Comment 1 Doug Goldstein gentoo-dev 2011-07-19 20:21:07 UTC
Versions that match this have been removed from the tree.
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2011-08-18 23:34:32 UTC
Thank you. GLSA Vote: no.
Comment 3 Stefan Behte (RETIRED) gentoo-dev Security 2011-10-08 21:29:00 UTC
Vote: YES. Added to pending GLSA request.
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2012-02-27 22:32:52 UTC
This issue was resolved and addressed in
 GLSA 201202-07 at http://security.gentoo.org/glsa/glsa-201202-07.xml
by GLSA coordinator Stefan Behte (craig).