Bug 480796 (CVE-2013-4239) - <app-emulation/libvirt-1.1.1-r1: memory corruption in xenDaemonListDefinedDomains function (CVE-2013-4239)
Status: RESOLVED FIXED
Alias: CVE-2013-4239
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://bugzilla.redhat.com/show_bug....
Whiteboard: ~3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2013-08-12 22:09 UTC by Agostino Sarubbo
Modified: 2013-10-06 23:24 UTC

See Also:
Package list:
Runtime testing required: ---


Description Agostino Sarubbo gentoo-dev 2013-08-12 22:09:50 UTC
From ${URL} :

Commit 632180d1 introduced memory corruption in xenDaemonListDefinedDomains() by starting to populate the names array at index -1, causing all sorts of havoc in libvirtd such as aborts like the following

*** Error in `/usr/sbin/libvirtd': double free or corruption (out): 0x00007fffe00ccf20 ***

The xenDaemonListDefinedDomains() function is reached by the virConnectListDefinedDomains() public API, which can be used on read-only connections.

Introduced in:
libvirt v1.1.1

Introduced by:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=632180d1

Fixed by:
http://libvirt.org/git/?p=libvirt.git;a=commit;h=0e671a16


@maintainer(s): after the bump, in case we need to stabilize the package, please say explicitly if it is ready for the stabilization or not.
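
The failure mode the description names, a names array populated starting at index -1, modelled as an added example; it is not libvirt's code and not part of the original report. How the index becomes -1 here (a result variable initialised to the -1 error sentinel and reused as the write index) is an assumption for illustration, and the guard slot and guest names are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef int (*fill_fn)(char **names, int maxnames, const char *const *src, int nsrc);

static char *dup_name(const char *s)            /* portable strdup stand-in */
{
    char *p = malloc(strlen(s) + 1);
    return p ? strcpy(p, s) : NULL;
}

/* Buggy model: ret starts at the -1 error sentinel and doubles as the write index. */
static int fill_buggy(char **names, int maxnames, const char *const *src, int nsrc)
{
    int ret = -1;
    for (int i = 0; i < nsrc && ret < maxnames; i++)
        names[ret++] = dup_name(src[i]);        /* first store hits names[-1] */
    return ret;
}

/* Corrected model: a dedicated counter starts at 0 and is bounds-checked. */
static int fill_fixed(char **names, int maxnames, const char *const *src, int nsrc)
{
    int n = 0;
    for (int i = 0; i < nsrc && n < maxnames; i++)
        if ((names[n] = dup_name(src[i])) != NULL)
            n++;
    return n;
}

/* A guard slot before the array makes the stray write observable; returns 1 if hit. */
static int guard_clobbered(fill_fn fill, int *count)
{
    static const char *const src[] = { "guest-a", "guest-b", "guest-c" }; /* constructed */
    char *slots[1 + 4] = { NULL };      /* slots[0] = guard, names = slots + 1 */
    *count = fill(slots + 1, 4, src, 3);
    int clobbered = slots[0] != NULL;
    for (int i = 0; i < 5; i++) free(slots[i]);
    return clobbered;
}

int main(void)
{
    int n, hit = guard_clobbered(fill_buggy, &n);
    printf("buggy: guard overwritten=%d, returned %d\n", hit, n);
    hit = guard_clobbered(fill_fixed, &n);
    printf("fixed: guard overwritten=%d, returned %d\n", hit, n);
}
```

In the buggy model the slot in front of the caller's array is overwritten and the returned count is one short; with a heap-allocated array that slot is memory the caller does not own, which is consistent with the allocator abort quoted above.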
Comment 1 Doug Goldstein (RETIRED) gentoo-dev 2013-08-12 23:05:04 UTC
This was fixed in 1.1.1-r1, which is the current stable version for amd64. x86 is still at 1.0.5.4, so they're totally unaffected. There is no affected version in the tree.
Comment 2 Doug Goldstein (RETIRED) gentoo-dev 2013-08-17 18:03:25 UTC
The affected versions that you set are wrong. It only ever affected =app-emulation/libvirt-1.1.1, it never affected any other version. =app-emulation/libvirt-1.1.1 never went stable on any platform either.
Comment 3 Agostino Sarubbo gentoo-dev 2013-09-02 06:06:03 UTC
(In reply to Doug Goldstein from comment #2)
> The affected versions that you set are wrong. It only ever affected
> =app-emulation/libvirt-1.1.1, it never affected any other version.
> =app-emulation/libvirt-1.1.1 never went stable on any platform either.

That is right, but this is the way.
Comment 4 Sean Amoss (RETIRED) gentoo-dev Security 2013-09-02 10:10:53 UTC
(In reply to Doug Goldstein from comment #2)
> The affected versions that you set are wrong. It only ever affected
> =app-emulation/libvirt-1.1.1, it never affected any other version.
> =app-emulation/libvirt-1.1.1 never went stable on any platform either.

Thanks, Doug.

Closing noglsa.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2013-10-06 23:24:03 UTC
CVE-2013-4239 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4239):
  The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt
  1.1.1 allows remote authenticated users to cause a denial of service (memory
  corruption and crash) via vectors involving the virConnectListDefinedDomains
  API function.