From: Peter Krempa <pkrempa@redhat.com>
Date: Thu, 29 Aug 2024 08:53:25 +0000 (+0200)
Subject: NEWS: Mention fix for CVE-2024-8235
X-Git-Url: http://xenbits.xensource.com/gitweb?a=commitdiff_plain;h=d9eac9bb54fd2b74073fec8ac3ad13ce9875d90b;p=libvirt.git

NEWS: Mention fix for CVE-2024-8235

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
---

diff --git a/NEWS.rst b/NEWS.rst
index 9234e70590..755f51d5b7 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -13,6 +13,18 @@ v10.7.0 (unreleased)
 
 * **Security**
 
+  * CVE-2024-8235: Crash of ``virtinterfaced`` via ``virConnectListInterfaces()``
+
+    A refactor of the code fetching the list of interfaces for multiple APIs
+    introduced corner case on platforms where allocating 0 bytes of memory
+    results in a NULL pointer.
+
+    This corner case would lead to a NULL-pointer dereference and subsequent
+    crash of ``virtinterfaced`` if ``virConnectListInterfaces()`` is called
+    requesting 0 networks to be filled.
+
+    The bug was introduced in libvirt-10.4.0
+
 * **Removed features**
 
 * **New features**