summary refs log tree commit diff stats
path: root/results/classifier/108/network/2528
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/108/network/2528')
-rw-r--r--results/classifier/108/network/252824
1 files changed, 24 insertions, 0 deletions
diff --git a/results/classifier/108/network/2528 b/results/classifier/108/network/2528
new file mode 100644
index 000000000..8345c8ec0
--- /dev/null
+++ b/results/classifier/108/network/2528
@@ -0,0 +1,24 @@
+network: 0.940
+device: 0.797
+graphic: 0.597
+debug: 0.518
+vnc: 0.402
+performance: 0.355
+socket: 0.327
+files: 0.322
+semantic: 0.311
+boot: 0.309
+PID: 0.122
+other: 0.077
+KVM: 0.059
+permissions: 0.014
+
+nbd: CVE-2024-7409 fix is incomplete
+Description of problem:
+Patch will hit list soon, but opening issue here since if this misses 9.1, we would need to allocate a second CVE for having an incomplete fix (a remaining use-after-free) in the code originally proposed for CVE-2024-7409.
+Steps to reproduce:
+1. stress test of attempting repeated 'qemu-nbd --list' in parallel with repeated 'nbd-server-start/nbd-server-stop' loops in a qemu process revealed a use-after-free SEGV of nbd_server->listener
+2.
+3.
+Additional information:
+