summary refs log tree commit diff stats
path: root/results/classifier/105/network/2528
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/105/network/2528')
-rw-r--r--results/classifier/105/network/252822
1 files changed, 22 insertions, 0 deletions
diff --git a/results/classifier/105/network/2528 b/results/classifier/105/network/2528
new file mode 100644
index 00000000..5c51e103
--- /dev/null
+++ b/results/classifier/105/network/2528
@@ -0,0 +1,22 @@
+network: 0.940
+device: 0.797
+graphic: 0.597
+instruction: 0.588
+vnc: 0.402
+socket: 0.327
+semantic: 0.311
+boot: 0.309
+other: 0.077
+KVM: 0.059
+assembly: 0.044
+mistranslation: 0.038
+
+nbd: CVE-2024-7409 fix is incomplete
+Description of problem:
+Patch will hit list soon, but opening issue here since if this misses 9.1, we would need to allocate a second CVE for having an incomplete fix (a remaining use-after-free) in the code originally proposed for CVE-2024-7409.
+Steps to reproduce:
+1. stress test of attempting repeated 'qemu-nbd --list' in parallel with repeated 'nbd-server-start/nbd-server-stop' loops in a qemu process revealed a use-after-free SEGV of nbd_server->listener
+2.
+3.
+Additional information:
+