diff options
Diffstat (limited to 'results/classifier/gemma3:12b/hypervisor/2528')
| -rw-r--r-- | results/classifier/gemma3:12b/hypervisor/2528 | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/results/classifier/gemma3:12b/hypervisor/2528 b/results/classifier/gemma3:12b/hypervisor/2528 new file mode 100644 index 00000000..55f598b6 --- /dev/null +++ b/results/classifier/gemma3:12b/hypervisor/2528 @@ -0,0 +1,10 @@ + +nbd: CVE-2024-7409 fix is incomplete +Description of problem: +Patch will hit list soon, but opening issue here since if this misses 9.1, we would need to allocate a second CVE for having an incomplete fix (a remaining use-after-free) in the code originally proposed for CVE-2024-7409. +Steps to reproduce: +1. stress test of attempting repeated 'qemu-nbd --list' in parallel with repeated 'nbd-server-start/nbd-server-stop' loops in a qemu process revealed a use-after-free SEGV of nbd_server->listener +2. +3. +Additional information: + |