ELSA-2024-4757

Опубликовано: 23 июл. 2024

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2024-4757: libvirt security update (MODERATE)

[10.0.0-6.6.0.1]

Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554]

[10.0.0-6.6.el9_4]

vmx: Do not require DVS Port ID (RHEL-45520)
vmx: Do not require all ID data for VMWare Distributed Switch (RHEL-46595)

[10.0.0-6.5.el9_4]

qemu: Fix migration with disabled vmx-* CPU features (RHEL-44984)

[10.0.0-6.4.el9_4]

rpc: ensure temporary GSource is removed from client event loop (CVE-2024-4418)

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

libvirt

10.0.0-6.6.0.1.el9_4

libvirt-client

10.0.0-6.6.0.1.el9_4

libvirt-client-qemu

10.0.0-6.6.0.1.el9_4

libvirt-daemon

10.0.0-6.6.0.1.el9_4

libvirt-daemon-common

10.0.0-6.6.0.1.el9_4

libvirt-daemon-config-network

10.0.0-6.6.0.1.el9_4

libvirt-daemon-config-nwfilter

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-interface

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-network

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-nodedev

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-nwfilter

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-qemu

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-secret

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-core

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-disk

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-iscsi

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-logical

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-mpath

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-rbd

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-scsi

10.0.0-6.6.0.1.el9_4

libvirt-daemon-kvm

10.0.0-6.6.0.1.el9_4

libvirt-daemon-lock

10.0.0-6.6.0.1.el9_4

libvirt-daemon-log

10.0.0-6.6.0.1.el9_4

libvirt-daemon-plugin-lockd

10.0.0-6.6.0.1.el9_4

libvirt-daemon-plugin-sanlock

10.0.0-6.6.0.1.el9_4

libvirt-daemon-proxy

10.0.0-6.6.0.1.el9_4

libvirt-devel

10.0.0-6.6.0.1.el9_4

libvirt-docs

10.0.0-6.6.0.1.el9_4

libvirt-libs

10.0.0-6.6.0.1.el9_4

libvirt-nss

10.0.0-6.6.0.1.el9_4

Oracle Linux x86_64

libvirt

10.0.0-6.6.0.1.el9_4

libvirt-client

10.0.0-6.6.0.1.el9_4

libvirt-client-qemu

10.0.0-6.6.0.1.el9_4

libvirt-daemon

10.0.0-6.6.0.1.el9_4

libvirt-daemon-common

10.0.0-6.6.0.1.el9_4

libvirt-daemon-config-network

10.0.0-6.6.0.1.el9_4

libvirt-daemon-config-nwfilter

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-interface

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-network

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-nodedev

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-nwfilter

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-qemu

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-secret

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-core

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-disk

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-iscsi

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-logical

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-mpath

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-rbd

10.0.0-6.6.0.1.el9_4

libvirt-daemon-driver-storage-scsi

10.0.0-6.6.0.1.el9_4

libvirt-daemon-kvm

10.0.0-6.6.0.1.el9_4

libvirt-daemon-lock

10.0.0-6.6.0.1.el9_4

libvirt-daemon-log

10.0.0-6.6.0.1.el9_4

libvirt-daemon-plugin-lockd

10.0.0-6.6.0.1.el9_4

libvirt-daemon-plugin-sanlock

10.0.0-6.6.0.1.el9_4

libvirt-daemon-proxy

10.0.0-6.6.0.1.el9_4

libvirt-devel

10.0.0-6.6.0.1.el9_4

libvirt-docs

10.0.0-6.6.0.1.el9_4

libvirt-libs

10.0.0-6.6.0.1.el9_4

libvirt-nss

10.0.0-6.6.0.1.el9_4

Связанные CVE

CVE-2024-4418

Ссылки на источники

Связанные уязвимости

CVE-2024-4418

CVSS3: 6.2

ubuntu

около 1 года назад

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it.