Date: Thu, 10 Mar 2011 15:04:35 -0500 (EST) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com, Petr Matousek <pmatouse@...hat.com> Cc: coley@...us.mitre.org Subject: Re: CVE request: libvirt: several API calls do not honour read-only connection ----- Original Message ----- > "It has been found that several libvirt API calls > (virNodeDeviceDettach, > virNodeDeviceReset, virDomainRevertToSnapshot, > virDomainSnapshotDelete) did not > honour read-only connection. Remote attacker could use this flaw to > crash the > host server (DoS)." > > Reference: > https://bugzilla.redhat.com/show_bug.cgi?id=683650 > This should only need one ID. Please use CVE-2011-1146 Thanks. -- JB
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ