[Libguestfs] ATTN: Denial of service attack possible on libguestfs 1.21.x, libguestfs.1.22.0

Richard W.M. Jones rjones at redhat.com
Tue May 28 16:27:15 UTC 2013

On Tue, May 28, 2013 at 05:06:45PM +0100, Richard W.M. Jones wrote:
> There's a denial of service attack possible from guests on any program
> that does inspection (eg. virt-inspector, many other virt-* tools,
> virt-v2v, OpenStack).
> The attack causes the host process to crash because of a double free.
> It's probably not exploitable (definitely not on Fedora because of the
> default memory hardening settings).
> This patch contains the fix and a reproducer:
> https://github.com/libguestfs/libguestfs/commit/fa6a76050d82894365dfe32916903ef7fee3ffcd
> This affects libguestfs >= 1.21.6 and libguestfs 1.22.0 and 1.23.0.
> I will include the fix in libguestfs >= 1.22.1 and >= 1.23.1.

Actually this also affects the libguestfs 1.20 branch because
I managed to backport the original bug there.  Go me.

I will fix this in libguestfs >= 1.20.7.


Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
libguestfs lets you edit virtual machines.  Supports shell scripting,
bindings from many languages.  http://libguestfs.org

More information about the Libguestfs mailing list