libvirt security update
libvirtd could crash if bogus parameters where passed to
the VirDomainGetVcpus call (CVE-2011-2511).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 4836
Fixed bugs
bnc#703084
VUL-0: libvirt: integer overflow in VirDomainGetVcpus
CVE#CVE-2011-2511
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.
