blob: a3295ce56d94aa0cd77304a98abd721c74c01474 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
|
nbd: CVE-2024-7409 fix is incomplete
Description of problem:
Patch will hit list soon, but opening issue here since if this misses 9.1, we would need to allocate a second CVE for having an incomplete fix (a remaining use-after-free) in the code originally proposed for CVE-2024-7409.
Steps to reproduce:
1. stress test of attempting repeated 'qemu-nbd --list' in parallel with repeated 'nbd-server-start/nbd-server-stop' loops in a qemu process revealed a use-after-free SEGV of nbd_server->listener
2.
3.
Additional information:
|