Описание
Security update for libvirt
This update for libvirt fixes the following issues:
Security issues fixed:
- CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458).
- CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595).
Other issue addressed:
- cpu: add Skylake-Server and Skylake-Server-IBRS CPU models (FATE#327261, bsc#1131955)
- libxl: save current memory value after successful balloon (bsc#1120813).
- libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller (bsc#1126325).
- conf: add new 'xenbus' controller type
Список пакетов
SUSE Linux Enterprise Desktop 12 SP3
libvirt-3.3.0-5.30.1
libvirt-admin-3.3.0-5.30.1
libvirt-client-3.3.0-5.30.1
libvirt-daemon-3.3.0-5.30.1
libvirt-daemon-config-network-3.3.0-5.30.1
libvirt-daemon-config-nwfilter-3.3.0-5.30.1
libvirt-daemon-driver-interface-3.3.0-5.30.1
libvirt-daemon-driver-libxl-3.3.0-5.30.1
libvirt-daemon-driver-lxc-3.3.0-5.30.1
libvirt-daemon-driver-network-3.3.0-5.30.1
libvirt-daemon-driver-nodedev-3.3.0-5.30.1
libvirt-daemon-driver-nwfilter-3.3.0-5.30.1
libvirt-daemon-driver-qemu-3.3.0-5.30.1
libvirt-daemon-driver-secret-3.3.0-5.30.1
libvirt-daemon-driver-storage-3.3.0-5.30.1
libvirt-daemon-driver-storage-core-3.3.0-5.30.1
libvirt-daemon-driver-storage-disk-3.3.0-5.30.1
libvirt-daemon-driver-storage-iscsi-3.3.0-5.30.1
libvirt-daemon-driver-storage-logical-3.3.0-5.30.1
libvirt-daemon-driver-storage-mpath-3.3.0-5.30.1
libvirt-daemon-driver-storage-rbd-3.3.0-5.30.1
libvirt-daemon-driver-storage-scsi-3.3.0-5.30.1
libvirt-daemon-lxc-3.3.0-5.30.1
libvirt-daemon-qemu-3.3.0-5.30.1
libvirt-daemon-xen-3.3.0-5.30.1
libvirt-doc-3.3.0-5.30.1
libvirt-libs-3.3.0-5.30.1
SUSE Linux Enterprise Server 12 SP3
libvirt-3.3.0-5.30.1
libvirt-admin-3.3.0-5.30.1
libvirt-client-3.3.0-5.30.1
libvirt-daemon-3.3.0-5.30.1
libvirt-daemon-config-network-3.3.0-5.30.1
libvirt-daemon-config-nwfilter-3.3.0-5.30.1
libvirt-daemon-driver-interface-3.3.0-5.30.1
libvirt-daemon-driver-libxl-3.3.0-5.30.1
libvirt-daemon-driver-lxc-3.3.0-5.30.1
libvirt-daemon-driver-network-3.3.0-5.30.1
libvirt-daemon-driver-nodedev-3.3.0-5.30.1
libvirt-daemon-driver-nwfilter-3.3.0-5.30.1
libvirt-daemon-driver-qemu-3.3.0-5.30.1
libvirt-daemon-driver-secret-3.3.0-5.30.1
libvirt-daemon-driver-storage-3.3.0-5.30.1
libvirt-daemon-driver-storage-core-3.3.0-5.30.1
libvirt-daemon-driver-storage-disk-3.3.0-5.30.1
libvirt-daemon-driver-storage-iscsi-3.3.0-5.30.1
libvirt-daemon-driver-storage-logical-3.3.0-5.30.1
libvirt-daemon-driver-storage-mpath-3.3.0-5.30.1
libvirt-daemon-driver-storage-rbd-3.3.0-5.30.1
libvirt-daemon-driver-storage-scsi-3.3.0-5.30.1
libvirt-daemon-hooks-3.3.0-5.30.1
libvirt-daemon-lxc-3.3.0-5.30.1
libvirt-daemon-qemu-3.3.0-5.30.1
libvirt-daemon-xen-3.3.0-5.30.1
libvirt-doc-3.3.0-5.30.1
libvirt-libs-3.3.0-5.30.1
libvirt-lock-sanlock-3.3.0-5.30.1
libvirt-nss-3.3.0-5.30.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
libvirt-3.3.0-5.30.1
libvirt-admin-3.3.0-5.30.1
libvirt-client-3.3.0-5.30.1
libvirt-daemon-3.3.0-5.30.1
libvirt-daemon-config-network-3.3.0-5.30.1
libvirt-daemon-config-nwfilter-3.3.0-5.30.1
libvirt-daemon-driver-interface-3.3.0-5.30.1
libvirt-daemon-driver-libxl-3.3.0-5.30.1
libvirt-daemon-driver-lxc-3.3.0-5.30.1
libvirt-daemon-driver-network-3.3.0-5.30.1
libvirt-daemon-driver-nodedev-3.3.0-5.30.1
libvirt-daemon-driver-nwfilter-3.3.0-5.30.1
libvirt-daemon-driver-qemu-3.3.0-5.30.1
libvirt-daemon-driver-secret-3.3.0-5.30.1
libvirt-daemon-driver-storage-3.3.0-5.30.1
libvirt-daemon-driver-storage-core-3.3.0-5.30.1
libvirt-daemon-driver-storage-disk-3.3.0-5.30.1
libvirt-daemon-driver-storage-iscsi-3.3.0-5.30.1
libvirt-daemon-driver-storage-logical-3.3.0-5.30.1
libvirt-daemon-driver-storage-mpath-3.3.0-5.30.1
libvirt-daemon-driver-storage-rbd-3.3.0-5.30.1
libvirt-daemon-driver-storage-scsi-3.3.0-5.30.1
libvirt-daemon-hooks-3.3.0-5.30.1
libvirt-daemon-lxc-3.3.0-5.30.1
libvirt-daemon-qemu-3.3.0-5.30.1
libvirt-daemon-xen-3.3.0-5.30.1
libvirt-doc-3.3.0-5.30.1
libvirt-libs-3.3.0-5.30.1
libvirt-lock-sanlock-3.3.0-5.30.1
libvirt-nss-3.3.0-5.30.1
SUSE Linux Enterprise Software Development Kit 12 SP3
libvirt-devel-3.3.0-5.30.1
Ссылки
- Link for SUSE-SU-2019:1042-1
- E-Mail link for SUSE-SU-2019:1042-1
- SUSE Security Ratings
- SUSE Bug 1120813
- SUSE Bug 1126325
- SUSE Bug 1127458
- SUSE Bug 1131595
- SUSE Bug 1131955
- SUSE CVE CVE-2019-3840 page
- SUSE CVE CVE-2019-3886 page
Описание
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libvirt-3.3.0-5.30.1
SUSE Linux Enterprise Desktop 12 SP3:libvirt-admin-3.3.0-5.30.1
SUSE Linux Enterprise Desktop 12 SP3:libvirt-client-3.3.0-5.30.1
SUSE Linux Enterprise Desktop 12 SP3:libvirt-daemon-3.3.0-5.30.1
Ссылки
- CVE-2019-3840
- SUSE Bug 1127458
Описание
An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP3:libvirt-3.3.0-5.30.1
SUSE Linux Enterprise Desktop 12 SP3:libvirt-admin-3.3.0-5.30.1
SUSE Linux Enterprise Desktop 12 SP3:libvirt-client-3.3.0-5.30.1
SUSE Linux Enterprise Desktop 12 SP3:libvirt-daemon-3.3.0-5.30.1
Ссылки
- CVE-2019-3886
- SUSE Bug 1131595
- SUSE Bug 1133150
- SUSE Bug 1138301