Description
ELSA-2020-5040: libvirt security and bug fix update (MODERATE)
[4.5.0-36.el7_9.3]
- rpc: gendispatch: handle empty flags (CVE-2020-25637)
- rpc: add support for filtering @acls by uint params (CVE-2020-25637)
- rpc: require write acl for guest agent in virDomainInterfaceAddresses (CVE-2020-25637)
- qemu: agent: set ifname to NULL after freeing (CVE-2020-25637)
- conf: properly clear out autogenerated macvtap names when formatting/parsing (rhbz#1868549)
Updated packages
Oracle Linux 7
Oracle Linux x86_64
libvirt  4.5.0-36.el7_9.3
libvirt-admin  4.5.0-36.el7_9.3
libvirt-bash-completion  4.5.0-36.el7_9.3
libvirt-client  4.5.0-36.el7_9.3
libvirt-daemon  4.5.0-36.el7_9.3
libvirt-daemon-config-network  4.5.0-36.el7_9.3
libvirt-daemon-config-nwfilter  4.5.0-36.el7_9.3
libvirt-daemon-driver-interface  4.5.0-36.el7_9.3
libvirt-daemon-driver-lxc  4.5.0-36.el7_9.3
libvirt-daemon-driver-network  4.5.0-36.el7_9.3
libvirt-daemon-driver-nodedev  4.5.0-36.el7_9.3
libvirt-daemon-driver-nwfilter  4.5.0-36.el7_9.3
libvirt-daemon-driver-qemu  4.5.0-36.el7_9.3
libvirt-daemon-driver-secret  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-core  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-disk  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-gluster  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-iscsi  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-logical  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-mpath  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-rbd  4.5.0-36.el7_9.3
libvirt-daemon-driver-storage-scsi  4.5.0-36.el7_9.3
libvirt-daemon-kvm  4.5.0-36.el7_9.3
libvirt-daemon-lxc  4.5.0-36.el7_9.3
libvirt-devel  4.5.0-36.el7_9.3
libvirt-docs  4.5.0-36.el7_9.3
libvirt-libs  4.5.0-36.el7_9.3
libvirt-lock-sanlock  4.5.0-36.el7_9.3
libvirt-login-shell  4.5.0-36.el7_9.3
libvirt-nss  4.5.0-36.el7_9.3
Related CVEs
Related vulnerabilities
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.