Описание
ELSA-2019-4688: libvirt security update (IMPORTANT)
[5.0.0-4.el7]
- logging: restrict sockets to mode 0600 (Daniel P. Berrange) [Orabug: 29861433] {CVE-2019-10132}
- locking: restrict sockets to mode 0600 (Daniel P. Berrange) [Orabug: 29861433] {CVE-2019-10132}
- admin: reject clients unless their UID matches the current UID (Daniel P. Berrange) [Orabug: 29861433] {CVE-2019-10132}
Обновленные пакеты
Oracle Linux 7
Oracle Linux aarch64
libvirt
5.0.0-4.el7
libvirt-admin
5.0.0-4.el7
libvirt-bash-completion
5.0.0-4.el7
libvirt-client
5.0.0-4.el7
libvirt-daemon
5.0.0-4.el7
libvirt-daemon-config-network
5.0.0-4.el7
libvirt-daemon-config-nwfilter
5.0.0-4.el7
libvirt-daemon-driver-interface
5.0.0-4.el7
libvirt-daemon-driver-lxc
5.0.0-4.el7
libvirt-daemon-driver-network
5.0.0-4.el7
libvirt-daemon-driver-nodedev
5.0.0-4.el7
libvirt-daemon-driver-nwfilter
5.0.0-4.el7
libvirt-daemon-driver-qemu
5.0.0-4.el7
libvirt-daemon-driver-secret
5.0.0-4.el7
libvirt-daemon-driver-storage
5.0.0-4.el7
libvirt-daemon-driver-storage-core
5.0.0-4.el7
libvirt-daemon-driver-storage-disk
5.0.0-4.el7
libvirt-daemon-driver-storage-gluster
5.0.0-4.el7
libvirt-daemon-driver-storage-iscsi
5.0.0-4.el7
libvirt-daemon-driver-storage-logical
5.0.0-4.el7
libvirt-daemon-driver-storage-mpath
5.0.0-4.el7
libvirt-daemon-driver-storage-rbd
5.0.0-4.el7
libvirt-daemon-driver-storage-scsi
5.0.0-4.el7
libvirt-daemon-kvm
5.0.0-4.el7
libvirt-daemon-lxc
5.0.0-4.el7
libvirt-daemon-qemu
5.0.0-4.el7
libvirt-devel
5.0.0-4.el7
libvirt-docs
5.0.0-4.el7
libvirt-libs
5.0.0-4.el7
libvirt-lock-sanlock
5.0.0-4.el7
libvirt-login-shell
5.0.0-4.el7
libvirt-nss
5.0.0-4.el7
Oracle Linux x86_64
libvirt
5.0.0-4.el7
libvirt-admin
5.0.0-4.el7
libvirt-bash-completion
5.0.0-4.el7
libvirt-client
5.0.0-4.el7
libvirt-daemon
5.0.0-4.el7
libvirt-daemon-config-network
5.0.0-4.el7
libvirt-daemon-config-nwfilter
5.0.0-4.el7
libvirt-daemon-driver-interface
5.0.0-4.el7
libvirt-daemon-driver-lxc
5.0.0-4.el7
libvirt-daemon-driver-network
5.0.0-4.el7
libvirt-daemon-driver-nodedev
5.0.0-4.el7
libvirt-daemon-driver-nwfilter
5.0.0-4.el7
libvirt-daemon-driver-qemu
5.0.0-4.el7
libvirt-daemon-driver-secret
5.0.0-4.el7
libvirt-daemon-driver-storage
5.0.0-4.el7
libvirt-daemon-driver-storage-core
5.0.0-4.el7
libvirt-daemon-driver-storage-disk
5.0.0-4.el7
libvirt-daemon-driver-storage-gluster
5.0.0-4.el7
libvirt-daemon-driver-storage-iscsi
5.0.0-4.el7
libvirt-daemon-driver-storage-logical
5.0.0-4.el7
libvirt-daemon-driver-storage-mpath
5.0.0-4.el7
libvirt-daemon-driver-storage-rbd
5.0.0-4.el7
libvirt-daemon-driver-storage-scsi
5.0.0-4.el7
libvirt-daemon-kvm
5.0.0-4.el7
libvirt-daemon-lxc
5.0.0-4.el7
libvirt-daemon-qemu
5.0.0-4.el7
libvirt-devel
5.0.0-4.el7
libvirt-docs
5.0.0-4.el7
libvirt-libs
5.0.0-4.el7
libvirt-lock-sanlock
5.0.0-4.el7
libvirt-login-shell
5.0.0-4.el7
libvirt-nss
5.0.0-4.el7
Связанные CVE
Связанные уязвимости
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.s ...
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.