SUSE-SU-2018:0385-1

Опубликовано: 07 фев. 2018

Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt provides several fixes.

This security issue was fixed:

CVE-2018-5748: Prevent resource exhaustion via qemuMonitorIORead() method which allowed to cause DoS (bsc#1076500).

These security issues were fixed:

Add a qemu hook script providing functionality similar to Xen's block-dmmd script. (fate#324177)
schema: Make disk driver name attribute optional. (bsc#1073973)
virt-create-rootfs: Handle all SLE 12 versions. (bsc#1072887)
libvirt-guests: Fix the 'stop' operation when action is 'suspend'. (bsc#1070130)

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

libvirt-2.0.0-27.29.1

libvirt-client-2.0.0-27.29.1

libvirt-client-32bit-2.0.0-27.29.1

libvirt-daemon-2.0.0-27.29.1

libvirt-daemon-config-network-2.0.0-27.29.1

libvirt-daemon-config-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-interface-2.0.0-27.29.1

libvirt-daemon-driver-libxl-2.0.0-27.29.1

libvirt-daemon-driver-lxc-2.0.0-27.29.1

libvirt-daemon-driver-network-2.0.0-27.29.1

libvirt-daemon-driver-nodedev-2.0.0-27.29.1

libvirt-daemon-driver-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-qemu-2.0.0-27.29.1

libvirt-daemon-driver-secret-2.0.0-27.29.1

libvirt-daemon-driver-storage-2.0.0-27.29.1

libvirt-daemon-lxc-2.0.0-27.29.1

libvirt-daemon-qemu-2.0.0-27.29.1

libvirt-daemon-xen-2.0.0-27.29.1

libvirt-doc-2.0.0-27.29.1

SUSE Linux Enterprise Server 12 SP2

libvirt-2.0.0-27.29.1

libvirt-client-2.0.0-27.29.1

libvirt-daemon-2.0.0-27.29.1

libvirt-daemon-config-network-2.0.0-27.29.1

libvirt-daemon-config-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-interface-2.0.0-27.29.1

libvirt-daemon-driver-libxl-2.0.0-27.29.1

libvirt-daemon-driver-lxc-2.0.0-27.29.1

libvirt-daemon-driver-network-2.0.0-27.29.1

libvirt-daemon-driver-nodedev-2.0.0-27.29.1

libvirt-daemon-driver-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-qemu-2.0.0-27.29.1

libvirt-daemon-driver-secret-2.0.0-27.29.1

libvirt-daemon-driver-storage-2.0.0-27.29.1

libvirt-daemon-lxc-2.0.0-27.29.1

libvirt-daemon-qemu-2.0.0-27.29.1

libvirt-daemon-xen-2.0.0-27.29.1

libvirt-doc-2.0.0-27.29.1

libvirt-lock-sanlock-2.0.0-27.29.1

libvirt-nss-2.0.0-27.29.1

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

libvirt-2.0.0-27.29.1

libvirt-client-2.0.0-27.29.1

libvirt-daemon-2.0.0-27.29.1

libvirt-daemon-config-network-2.0.0-27.29.1

libvirt-daemon-config-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-interface-2.0.0-27.29.1

libvirt-daemon-driver-lxc-2.0.0-27.29.1

libvirt-daemon-driver-network-2.0.0-27.29.1

libvirt-daemon-driver-nodedev-2.0.0-27.29.1

libvirt-daemon-driver-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-qemu-2.0.0-27.29.1

libvirt-daemon-driver-secret-2.0.0-27.29.1

libvirt-daemon-driver-storage-2.0.0-27.29.1

libvirt-daemon-lxc-2.0.0-27.29.1

libvirt-daemon-qemu-2.0.0-27.29.1

libvirt-doc-2.0.0-27.29.1

libvirt-lock-sanlock-2.0.0-27.29.1

libvirt-nss-2.0.0-27.29.1

SUSE Linux Enterprise Server for SAP Applications 12 SP2

libvirt-2.0.0-27.29.1

libvirt-client-2.0.0-27.29.1

libvirt-daemon-2.0.0-27.29.1

libvirt-daemon-config-network-2.0.0-27.29.1

libvirt-daemon-config-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-interface-2.0.0-27.29.1

libvirt-daemon-driver-libxl-2.0.0-27.29.1

libvirt-daemon-driver-lxc-2.0.0-27.29.1

libvirt-daemon-driver-network-2.0.0-27.29.1

libvirt-daemon-driver-nodedev-2.0.0-27.29.1

libvirt-daemon-driver-nwfilter-2.0.0-27.29.1

libvirt-daemon-driver-qemu-2.0.0-27.29.1

libvirt-daemon-driver-secret-2.0.0-27.29.1

libvirt-daemon-driver-storage-2.0.0-27.29.1

libvirt-daemon-lxc-2.0.0-27.29.1

libvirt-daemon-qemu-2.0.0-27.29.1

libvirt-daemon-xen-2.0.0-27.29.1

libvirt-doc-2.0.0-27.29.1

libvirt-lock-sanlock-2.0.0-27.29.1

libvirt-nss-2.0.0-27.29.1

SUSE Linux Enterprise Software Development Kit 12 SP2

libvirt-devel-2.0.0-27.29.1

SUSE Linux Enterprise Workstation Extension 12 SP2

libvirt-client-32bit-2.0.0-27.29.1

Ссылки

https://www.suse.com/support/update/announcement/2018/suse-su-20180385-1/
Link for SUSE-SU-2018:0385-1
https://lists.suse.com/pipermail/sle-security-updates/2018-February/003713.html
E-Mail link for SUSE-SU-2018:0385-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1070130
SUSE Bug 1070130
https://bugzilla.suse.com/1072887
SUSE Bug 1072887
https://bugzilla.suse.com/1073973
SUSE Bug 1073973
https://bugzilla.suse.com/1076500
SUSE Bug 1076500
https://www.suse.com/security/cve/CVE-2018-5748/
SUSE CVE CVE-2018-5748 page

Описание

qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.

Затронутые продукты

SUSE Linux Enterprise Desktop 12 SP2:libvirt-2.0.0-27.29.1

SUSE Linux Enterprise Desktop 12 SP2:libvirt-client-2.0.0-27.29.1

SUSE Linux Enterprise Desktop 12 SP2:libvirt-client-32bit-2.0.0-27.29.1

SUSE Linux Enterprise Desktop 12 SP2:libvirt-daemon-2.0.0-27.29.1

Ссылки

https://www.suse.com/security/cve/CVE-2018-5748.html
CVE-2018-5748
https://bugzilla.suse.com/1076500
SUSE Bug 1076500
https://bugzilla.suse.com/1083625
SUSE Bug 1083625
https://bugzilla.suse.com/1087887
SUSE Bug 1087887

SUSE-SU-2018:0385-1

Описание

Список пакетов

SUSE Linux Enterprise Desktop 12 SP2

SUSE Linux Enterprise Server 12 SP2

SUSE Linux Enterprise Server for Raspberry Pi 12 SP2

SUSE Linux Enterprise Server for SAP Applications 12 SP2

SUSE Linux Enterprise Software Development Kit 12 SP2

SUSE Linux Enterprise Workstation Extension 12 SP2

Ссылки

Уязвимость: CVE-2018-5748

Описание

Затронутые продукты

Ссылки