blob: 8345c8ec03135ee8c4004869646bd806b8c344e9 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
|
network: 0.940
device: 0.797
graphic: 0.597
debug: 0.518
vnc: 0.402
performance: 0.355
socket: 0.327
files: 0.322
semantic: 0.311
boot: 0.309
PID: 0.122
other: 0.077
KVM: 0.059
permissions: 0.014
nbd: CVE-2024-7409 fix is incomplete
Description of problem:
Patch will hit list soon, but opening issue here since if this misses 9.1, we would need to allocate a second CVE for having an incomplete fix (a remaining use-after-free) in the code originally proposed for CVE-2024-7409.
Steps to reproduce:
1. stress test of attempting repeated 'qemu-nbd --list' in parallel with repeated 'nbd-server-start/nbd-server-stop' loops in a qemu process revealed a use-after-free SEGV of nbd_server->listener
2.
3.
Additional information:
|
