Описание
Security update for libvirt
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2017-5715: Spectre fixes for libvirt (bsc#1079869, bsc#1088147, bsc#1087887).
- CVE-2018-1064: Avoid denial of service reading from QEMU guest agent (bsc#1083625).
- CVE-2018-5748: Avoid denial of service reading from QEMU monitor (bsc#1076500).
Bug fixes:
- bsc#1025340: Use xend for nodeGetFreeMemory API.
- bsc#960742: Allow read access to script directories in libvirtd AppArmor profile.
- bsc#936233: Introduce qemuDomainDefCheckABIStability.
Список пакетов
SUSE Linux Enterprise Point of Sale 11 SP3
libvirt-1.0.5.9-21.5.1
libvirt-client-1.0.5.9-21.5.1
libvirt-doc-1.0.5.9-21.5.1
libvirt-lock-sanlock-1.0.5.9-21.5.1
libvirt-python-1.0.5.9-21.5.1
SUSE Linux Enterprise Server 11 SP3-LTSS
libvirt-1.0.5.9-21.5.1
libvirt-client-1.0.5.9-21.5.1
libvirt-client-32bit-1.0.5.9-21.5.1
libvirt-doc-1.0.5.9-21.5.1
libvirt-lock-sanlock-1.0.5.9-21.5.1
libvirt-python-1.0.5.9-21.5.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
libvirt-1.0.5.9-21.5.1
libvirt-client-1.0.5.9-21.5.1
libvirt-client-32bit-1.0.5.9-21.5.1
libvirt-doc-1.0.5.9-21.5.1
libvirt-lock-sanlock-1.0.5.9-21.5.1
libvirt-python-1.0.5.9-21.5.1
Ссылки
- Link for SUSE-SU-2018:1295-1
- E-Mail link for SUSE-SU-2018:1295-1
- SUSE Security Ratings
- SUSE Bug 1025340
- SUSE Bug 1076500
- SUSE Bug 1079869
- SUSE Bug 1083625
- SUSE Bug 1087887
- SUSE Bug 1088147
- SUSE Bug 936233
- SUSE Bug 960742
- SUSE CVE CVE-2017-5715 page
- SUSE CVE CVE-2018-1064 page
- SUSE CVE CVE-2018-5748 page
Описание
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-client-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-doc-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-lock-sanlock-1.0.5.9-21.5.1
Ссылки
- CVE-2017-5715
- SUSE Bug 1068032
- SUSE Bug 1074562
- SUSE Bug 1074578
- SUSE Bug 1074701
- SUSE Bug 1074741
- SUSE Bug 1074919
- SUSE Bug 1075006
- SUSE Bug 1075007
- SUSE Bug 1075262
- SUSE Bug 1075419
- SUSE Bug 1076115
- SUSE Bug 1076372
- SUSE Bug 1076606
- SUSE Bug 1078353
- SUSE Bug 1080039
- SUSE Bug 1087887
- SUSE Bug 1087939
- SUSE Bug 1088147
- SUSE Bug 1089055
Описание
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-client-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-doc-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-lock-sanlock-1.0.5.9-21.5.1
Ссылки
- CVE-2018-1064
- SUSE Bug 1076500
- SUSE Bug 1083625
- SUSE Bug 1087887
- SUSE Bug 1088147
Описание
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-client-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-doc-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-lock-sanlock-1.0.5.9-21.5.1
Ссылки
- CVE-2018-5748
- SUSE Bug 1076500
- SUSE Bug 1083625
- SUSE Bug 1087887