Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:2227-2

Опубликовано: 28 авг. 2019
Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes the following issues:

Security issues fixed:

  • CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301).
  • CVE-2019-10167: Fixed an issue with virConnectGetDomainCapabilities API which could have been used to execute arbitrary emulators (bsc#1138303).

Non-security issues fixed:

  • Fixed an issue with short bitmaps when setting vcpu affinity using the vcpupin (bsc#1138734).
  • Added support for overriding max threads per process limit (bsc#1133719)

Список пакетов

SUSE Enterprise Storage 5
libvirt-3.3.0-5.40.1
libvirt-admin-3.3.0-5.40.1
libvirt-client-3.3.0-5.40.1
libvirt-daemon-3.3.0-5.40.1
libvirt-daemon-config-network-3.3.0-5.40.1
libvirt-daemon-config-nwfilter-3.3.0-5.40.1
libvirt-daemon-driver-interface-3.3.0-5.40.1
libvirt-daemon-driver-libxl-3.3.0-5.40.1
libvirt-daemon-driver-lxc-3.3.0-5.40.1
libvirt-daemon-driver-network-3.3.0-5.40.1
libvirt-daemon-driver-nodedev-3.3.0-5.40.1
libvirt-daemon-driver-nwfilter-3.3.0-5.40.1
libvirt-daemon-driver-qemu-3.3.0-5.40.1
libvirt-daemon-driver-secret-3.3.0-5.40.1
libvirt-daemon-driver-storage-3.3.0-5.40.1
libvirt-daemon-driver-storage-core-3.3.0-5.40.1
libvirt-daemon-driver-storage-disk-3.3.0-5.40.1
libvirt-daemon-driver-storage-iscsi-3.3.0-5.40.1
libvirt-daemon-driver-storage-logical-3.3.0-5.40.1
libvirt-daemon-driver-storage-mpath-3.3.0-5.40.1
libvirt-daemon-driver-storage-rbd-3.3.0-5.40.1
libvirt-daemon-driver-storage-scsi-3.3.0-5.40.1
libvirt-daemon-hooks-3.3.0-5.40.1
libvirt-daemon-lxc-3.3.0-5.40.1
libvirt-daemon-qemu-3.3.0-5.40.1
libvirt-daemon-xen-3.3.0-5.40.1
libvirt-doc-3.3.0-5.40.1
libvirt-libs-3.3.0-5.40.1
libvirt-lock-sanlock-3.3.0-5.40.1
libvirt-nss-3.3.0-5.40.1
SUSE Linux Enterprise Server 12 SP3-BCL
libvirt-3.3.0-5.40.1
libvirt-admin-3.3.0-5.40.1
libvirt-client-3.3.0-5.40.1
libvirt-daemon-3.3.0-5.40.1
libvirt-daemon-config-network-3.3.0-5.40.1
libvirt-daemon-config-nwfilter-3.3.0-5.40.1
libvirt-daemon-driver-interface-3.3.0-5.40.1
libvirt-daemon-driver-libxl-3.3.0-5.40.1
libvirt-daemon-driver-lxc-3.3.0-5.40.1
libvirt-daemon-driver-network-3.3.0-5.40.1
libvirt-daemon-driver-nodedev-3.3.0-5.40.1
libvirt-daemon-driver-nwfilter-3.3.0-5.40.1
libvirt-daemon-driver-qemu-3.3.0-5.40.1
libvirt-daemon-driver-secret-3.3.0-5.40.1
libvirt-daemon-driver-storage-3.3.0-5.40.1
libvirt-daemon-driver-storage-core-3.3.0-5.40.1
libvirt-daemon-driver-storage-disk-3.3.0-5.40.1
libvirt-daemon-driver-storage-iscsi-3.3.0-5.40.1
libvirt-daemon-driver-storage-logical-3.3.0-5.40.1
libvirt-daemon-driver-storage-mpath-3.3.0-5.40.1
libvirt-daemon-driver-storage-rbd-3.3.0-5.40.1
libvirt-daemon-driver-storage-scsi-3.3.0-5.40.1
libvirt-daemon-hooks-3.3.0-5.40.1
libvirt-daemon-lxc-3.3.0-5.40.1
libvirt-daemon-qemu-3.3.0-5.40.1
libvirt-daemon-xen-3.3.0-5.40.1
libvirt-doc-3.3.0-5.40.1
libvirt-libs-3.3.0-5.40.1
libvirt-lock-sanlock-3.3.0-5.40.1
libvirt-nss-3.3.0-5.40.1
SUSE Linux Enterprise Server 12 SP3-LTSS
libvirt-3.3.0-5.40.1
libvirt-admin-3.3.0-5.40.1
libvirt-client-3.3.0-5.40.1
libvirt-daemon-3.3.0-5.40.1
libvirt-daemon-config-network-3.3.0-5.40.1
libvirt-daemon-config-nwfilter-3.3.0-5.40.1
libvirt-daemon-driver-interface-3.3.0-5.40.1
libvirt-daemon-driver-libxl-3.3.0-5.40.1
libvirt-daemon-driver-lxc-3.3.0-5.40.1
libvirt-daemon-driver-network-3.3.0-5.40.1
libvirt-daemon-driver-nodedev-3.3.0-5.40.1
libvirt-daemon-driver-nwfilter-3.3.0-5.40.1
libvirt-daemon-driver-qemu-3.3.0-5.40.1
libvirt-daemon-driver-secret-3.3.0-5.40.1
libvirt-daemon-driver-storage-3.3.0-5.40.1
libvirt-daemon-driver-storage-core-3.3.0-5.40.1
libvirt-daemon-driver-storage-disk-3.3.0-5.40.1
libvirt-daemon-driver-storage-iscsi-3.3.0-5.40.1
libvirt-daemon-driver-storage-logical-3.3.0-5.40.1
libvirt-daemon-driver-storage-mpath-3.3.0-5.40.1
libvirt-daemon-driver-storage-rbd-3.3.0-5.40.1
libvirt-daemon-driver-storage-scsi-3.3.0-5.40.1
libvirt-daemon-hooks-3.3.0-5.40.1
libvirt-daemon-lxc-3.3.0-5.40.1
libvirt-daemon-qemu-3.3.0-5.40.1
libvirt-daemon-xen-3.3.0-5.40.1
libvirt-doc-3.3.0-5.40.1
libvirt-libs-3.3.0-5.40.1
libvirt-lock-sanlock-3.3.0-5.40.1
libvirt-nss-3.3.0-5.40.1

Ссылки

Описание

It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs.

Затронутые продукты
SUSE Enterprise Storage 5:libvirt-3.3.0-5.40.1
SUSE Enterprise Storage 5:libvirt-admin-3.3.0-5.40.1
SUSE Enterprise Storage 5:libvirt-client-3.3.0-5.40.1
SUSE Enterprise Storage 5:libvirt-daemon-3.3.0-5.40.1
Ссылки

Описание

The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges.

Затронутые продукты
SUSE Enterprise Storage 5:libvirt-3.3.0-5.40.1
SUSE Enterprise Storage 5:libvirt-admin-3.3.0-5.40.1
SUSE Enterprise Storage 5:libvirt-client-3.3.0-5.40.1
SUSE Enterprise Storage 5:libvirt-daemon-3.3.0-5.40.1
Ссылки
Уязвимость SUSE-SU-2019:2227-2