Описание
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libvirt | fixed | 1.2.20-1 | package | |
| libvirt | not-affected | jessie | package | |
| libvirt | not-affected | wheezy | package | |
| libvirt | not-affected | squeeze | package |
Примечания
http://security.libvirt.org/2015/0003.html
Broken by https://libvirt.org/git/?p=libvirt.git;a=commit;h=155ca616eb231181f6978efc9e3a1eb0eb60af8a (v1.2.14-rc1)
and by https://libvirt.org/git/?p=libvirt.git;a=commit;h=7c2d65dde2595c07d56aad1e043f7b1836592d89 (v1.2.16-rc1)
Связанные уязвимости
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.
Уязвимость библиотеки управления виртуализацией libvirt, позволяющая нарушителю вызвать отказ в обслуживании