Описание
Security update for libvirt
This update for libvirt fixes the following issues:
- CVE-2021-3631: fix SELinux label generation logic (bsc#1187871)
Список пакетов
Image SLES15-SP2-SAP-Azure
libvirt-client-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
Image SLES15-SP2-SAP-BYOS-Azure
libvirt-client-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
Image SLES15-SP2-SAP-BYOS-EC2-HVM
libvirt-client-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
Image SLES15-SP2-SAP-BYOS-GCE
libvirt-client-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
Image SLES15-SP2-SAP-EC2-HVM
libvirt-client-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
Image SLES15-SP2-SAP-GCE
libvirt-client-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
SUSE Linux Enterprise Micro 5.0
libvirt-daemon-6.0.0-13.16.2
libvirt-daemon-driver-interface-6.0.0-13.16.2
libvirt-daemon-driver-network-6.0.0-13.16.2
libvirt-daemon-driver-nodedev-6.0.0-13.16.2
libvirt-daemon-driver-nwfilter-6.0.0-13.16.2
libvirt-daemon-driver-qemu-6.0.0-13.16.2
libvirt-daemon-driver-secret-6.0.0-13.16.2
libvirt-daemon-driver-storage-6.0.0-13.16.2
libvirt-daemon-driver-storage-core-6.0.0-13.16.2
libvirt-daemon-driver-storage-disk-6.0.0-13.16.2
libvirt-daemon-driver-storage-iscsi-6.0.0-13.16.2
libvirt-daemon-driver-storage-logical-6.0.0-13.16.2
libvirt-daemon-driver-storage-mpath-6.0.0-13.16.2
libvirt-daemon-driver-storage-rbd-6.0.0-13.16.2
libvirt-daemon-driver-storage-scsi-6.0.0-13.16.2
libvirt-daemon-qemu-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
SUSE Linux Enterprise Module for Basesystem 15 SP2
libvirt-libs-6.0.0-13.16.2
SUSE Linux Enterprise Module for Server Applications 15 SP2
libvirt-6.0.0-13.16.2
libvirt-admin-6.0.0-13.16.2
libvirt-bash-completion-6.0.0-13.16.2
libvirt-client-6.0.0-13.16.2
libvirt-daemon-6.0.0-13.16.2
libvirt-daemon-config-network-6.0.0-13.16.2
libvirt-daemon-config-nwfilter-6.0.0-13.16.2
libvirt-daemon-driver-interface-6.0.0-13.16.2
libvirt-daemon-driver-libxl-6.0.0-13.16.2
libvirt-daemon-driver-lxc-6.0.0-13.16.2
libvirt-daemon-driver-network-6.0.0-13.16.2
libvirt-daemon-driver-nodedev-6.0.0-13.16.2
libvirt-daemon-driver-nwfilter-6.0.0-13.16.2
libvirt-daemon-driver-qemu-6.0.0-13.16.2
libvirt-daemon-driver-secret-6.0.0-13.16.2
libvirt-daemon-driver-storage-6.0.0-13.16.2
libvirt-daemon-driver-storage-core-6.0.0-13.16.2
libvirt-daemon-driver-storage-disk-6.0.0-13.16.2
libvirt-daemon-driver-storage-iscsi-6.0.0-13.16.2
libvirt-daemon-driver-storage-logical-6.0.0-13.16.2
libvirt-daemon-driver-storage-mpath-6.0.0-13.16.2
libvirt-daemon-driver-storage-rbd-6.0.0-13.16.2
libvirt-daemon-driver-storage-scsi-6.0.0-13.16.2
libvirt-daemon-hooks-6.0.0-13.16.2
libvirt-daemon-lxc-6.0.0-13.16.2
libvirt-daemon-qemu-6.0.0-13.16.2
libvirt-daemon-xen-6.0.0-13.16.2
libvirt-devel-6.0.0-13.16.2
libvirt-doc-6.0.0-13.16.2
libvirt-lock-sanlock-6.0.0-13.16.2
libvirt-nss-6.0.0-13.16.2
Ссылки
- Link for SUSE-SU-2021:2471-1
- E-Mail link for SUSE-SU-2021:2471-1
- SUSE Security Ratings
- SUSE Bug 1184253
- SUSE Bug 1187871
- SUSE CVE CVE-2021-3631 page
Описание
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
Затронутые продукты
Image SLES15-SP2-SAP-Azure:libvirt-client-6.0.0-13.16.2
Image SLES15-SP2-SAP-Azure:libvirt-libs-6.0.0-13.16.2
Image SLES15-SP2-SAP-BYOS-Azure:libvirt-client-6.0.0-13.16.2
Image SLES15-SP2-SAP-BYOS-Azure:libvirt-libs-6.0.0-13.16.2
Ссылки
- CVE-2021-3631
- SUSE Bug 1187871