Description
Security update for libvirt
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2019-3840: Fixed a null pointer dereference vulnerability in the virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458).
- CVE-2019-3886: Fixed an information leak which allowed retrieval of the guest hostname under readonly mode (bsc#1131595).
Other issues addressed:
- libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller (bsc#1126325).
- conf: added new 'xenbus' controller type
- util: skip RDMA detection for non-PCI network devices (bsc#1112182).
- qemu: don't use CAP_DAC_OVERRIDE capability if non-root (bsc#1125665).
- qemu: fix issues related to restricted permissions on /dev/sev (bsc#1102604).
- libxl: save current memory value after successful balloon (bsc#1120813).
- libxl: add support for soft reset (bsc#1081516).
Package list
SUSE Linux Enterprise Desktop 12 SP4
libvirt-4.0.0-8.9.1
libvirt-admin-4.0.0-8.9.1
libvirt-client-4.0.0-8.9.1
libvirt-daemon-4.0.0-8.9.1
libvirt-daemon-config-network-4.0.0-8.9.1
libvirt-daemon-config-nwfilter-4.0.0-8.9.1
libvirt-daemon-driver-interface-4.0.0-8.9.1
libvirt-daemon-driver-libxl-4.0.0-8.9.1
libvirt-daemon-driver-lxc-4.0.0-8.9.1
libvirt-daemon-driver-network-4.0.0-8.9.1
libvirt-daemon-driver-nodedev-4.0.0-8.9.1
libvirt-daemon-driver-nwfilter-4.0.0-8.9.1
libvirt-daemon-driver-qemu-4.0.0-8.9.1
libvirt-daemon-driver-secret-4.0.0-8.9.1
libvirt-daemon-driver-storage-4.0.0-8.9.1
libvirt-daemon-driver-storage-core-4.0.0-8.9.1
libvirt-daemon-driver-storage-disk-4.0.0-8.9.1
libvirt-daemon-driver-storage-iscsi-4.0.0-8.9.1
libvirt-daemon-driver-storage-logical-4.0.0-8.9.1
libvirt-daemon-driver-storage-mpath-4.0.0-8.9.1
libvirt-daemon-driver-storage-rbd-4.0.0-8.9.1
libvirt-daemon-driver-storage-scsi-4.0.0-8.9.1
libvirt-daemon-lxc-4.0.0-8.9.1
libvirt-daemon-qemu-4.0.0-8.9.1
libvirt-daemon-xen-4.0.0-8.9.1
libvirt-doc-4.0.0-8.9.1
libvirt-libs-4.0.0-8.9.1
SUSE Linux Enterprise Server 12 SP4
libvirt-4.0.0-8.9.1
libvirt-admin-4.0.0-8.9.1
libvirt-client-4.0.0-8.9.1
libvirt-daemon-4.0.0-8.9.1
libvirt-daemon-config-network-4.0.0-8.9.1
libvirt-daemon-config-nwfilter-4.0.0-8.9.1
libvirt-daemon-driver-interface-4.0.0-8.9.1
libvirt-daemon-driver-libxl-4.0.0-8.9.1
libvirt-daemon-driver-lxc-4.0.0-8.9.1
libvirt-daemon-driver-network-4.0.0-8.9.1
libvirt-daemon-driver-nodedev-4.0.0-8.9.1
libvirt-daemon-driver-nwfilter-4.0.0-8.9.1
libvirt-daemon-driver-qemu-4.0.0-8.9.1
libvirt-daemon-driver-secret-4.0.0-8.9.1
libvirt-daemon-driver-storage-4.0.0-8.9.1
libvirt-daemon-driver-storage-core-4.0.0-8.9.1
libvirt-daemon-driver-storage-disk-4.0.0-8.9.1
libvirt-daemon-driver-storage-iscsi-4.0.0-8.9.1
libvirt-daemon-driver-storage-logical-4.0.0-8.9.1
libvirt-daemon-driver-storage-mpath-4.0.0-8.9.1
libvirt-daemon-driver-storage-rbd-4.0.0-8.9.1
libvirt-daemon-driver-storage-scsi-4.0.0-8.9.1
libvirt-daemon-hooks-4.0.0-8.9.1
libvirt-daemon-lxc-4.0.0-8.9.1
libvirt-daemon-qemu-4.0.0-8.9.1
libvirt-daemon-xen-4.0.0-8.9.1
libvirt-doc-4.0.0-8.9.1
libvirt-libs-4.0.0-8.9.1
libvirt-lock-sanlock-4.0.0-8.9.1
libvirt-nss-4.0.0-8.9.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libvirt-4.0.0-8.9.1
libvirt-admin-4.0.0-8.9.1
libvirt-client-4.0.0-8.9.1
libvirt-daemon-4.0.0-8.9.1
libvirt-daemon-config-network-4.0.0-8.9.1
libvirt-daemon-config-nwfilter-4.0.0-8.9.1
libvirt-daemon-driver-interface-4.0.0-8.9.1
libvirt-daemon-driver-libxl-4.0.0-8.9.1
libvirt-daemon-driver-lxc-4.0.0-8.9.1
libvirt-daemon-driver-network-4.0.0-8.9.1
libvirt-daemon-driver-nodedev-4.0.0-8.9.1
libvirt-daemon-driver-nwfilter-4.0.0-8.9.1
libvirt-daemon-driver-qemu-4.0.0-8.9.1
libvirt-daemon-driver-secret-4.0.0-8.9.1
libvirt-daemon-driver-storage-4.0.0-8.9.1
libvirt-daemon-driver-storage-core-4.0.0-8.9.1
libvirt-daemon-driver-storage-disk-4.0.0-8.9.1
libvirt-daemon-driver-storage-iscsi-4.0.0-8.9.1
libvirt-daemon-driver-storage-logical-4.0.0-8.9.1
libvirt-daemon-driver-storage-mpath-4.0.0-8.9.1
libvirt-daemon-driver-storage-rbd-4.0.0-8.9.1
libvirt-daemon-driver-storage-scsi-4.0.0-8.9.1
libvirt-daemon-hooks-4.0.0-8.9.1
libvirt-daemon-lxc-4.0.0-8.9.1
libvirt-daemon-qemu-4.0.0-8.9.1
libvirt-daemon-xen-4.0.0-8.9.1
libvirt-doc-4.0.0-8.9.1
libvirt-libs-4.0.0-8.9.1
libvirt-lock-sanlock-4.0.0-8.9.1
libvirt-nss-4.0.0-8.9.1
SUSE Linux Enterprise Software Development Kit 12 SP4
libvirt-devel-4.0.0-8.9.1
References
- Link for SUSE-SU-2019:0948-1
- E-Mail link for SUSE-SU-2019:0948-1
- SUSE Security Ratings
- SUSE Bug 1081516
- SUSE Bug 1102604
- SUSE Bug 1112182
- SUSE Bug 1120813
- SUSE Bug 1125665
- SUSE Bug 1126325
- SUSE Bug 1127458
- SUSE Bug 1131595
- SUSE CVE CVE-2019-3840 page
- SUSE CVE CVE-2019-3886 page
Description
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
Affected products
SUSE Linux Enterprise Desktop 12 SP4:libvirt-4.0.0-8.9.1
SUSE Linux Enterprise Desktop 12 SP4:libvirt-admin-4.0.0-8.9.1
SUSE Linux Enterprise Desktop 12 SP4:libvirt-client-4.0.0-8.9.1
SUSE Linux Enterprise Desktop 12 SP4:libvirt-daemon-4.0.0-8.9.1
References
- CVE-2019-3840
- SUSE Bug 1127458
Description
An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.
Affected products
SUSE Linux Enterprise Desktop 12 SP4:libvirt-4.0.0-8.9.1
SUSE Linux Enterprise Desktop 12 SP4:libvirt-admin-4.0.0-8.9.1
SUSE Linux Enterprise Desktop 12 SP4:libvirt-client-4.0.0-8.9.1
SUSE Linux Enterprise Desktop 12 SP4:libvirt-daemon-4.0.0-8.9.1
References
- CVE-2019-3886
- SUSE Bug 1131595
- SUSE Bug 1133150
- SUSE Bug 1138301