Описание
Security update for libvirt
This update for libvirt fixes the following issues:
- CVE-2021-3631: fix SELinux label generation logic (bsc#1187871)
Список пакетов
SUSE Linux Enterprise Micro 5.0
libvirt-daemon-6.0.0-13.16.2
libvirt-daemon-driver-interface-6.0.0-13.16.2
libvirt-daemon-driver-network-6.0.0-13.16.2
libvirt-daemon-driver-nodedev-6.0.0-13.16.2
libvirt-daemon-driver-nwfilter-6.0.0-13.16.2
libvirt-daemon-driver-qemu-6.0.0-13.16.2
libvirt-daemon-driver-secret-6.0.0-13.16.2
libvirt-daemon-driver-storage-6.0.0-13.16.2
libvirt-daemon-driver-storage-core-6.0.0-13.16.2
libvirt-daemon-driver-storage-disk-6.0.0-13.16.2
libvirt-daemon-driver-storage-iscsi-6.0.0-13.16.2
libvirt-daemon-driver-storage-logical-6.0.0-13.16.2
libvirt-daemon-driver-storage-mpath-6.0.0-13.16.2
libvirt-daemon-driver-storage-rbd-6.0.0-13.16.2
libvirt-daemon-driver-storage-scsi-6.0.0-13.16.2
libvirt-daemon-qemu-6.0.0-13.16.2
libvirt-libs-6.0.0-13.16.2
SUSE Linux Enterprise Module for Basesystem 15 SP2
libvirt-libs-6.0.0-13.16.2
SUSE Linux Enterprise Module for Server Applications 15 SP2
libvirt-6.0.0-13.16.2
libvirt-admin-6.0.0-13.16.2
libvirt-bash-completion-6.0.0-13.16.2
libvirt-client-6.0.0-13.16.2
libvirt-daemon-6.0.0-13.16.2
libvirt-daemon-config-network-6.0.0-13.16.2
libvirt-daemon-config-nwfilter-6.0.0-13.16.2
libvirt-daemon-driver-interface-6.0.0-13.16.2
libvirt-daemon-driver-libxl-6.0.0-13.16.2
libvirt-daemon-driver-lxc-6.0.0-13.16.2
libvirt-daemon-driver-network-6.0.0-13.16.2
libvirt-daemon-driver-nodedev-6.0.0-13.16.2
libvirt-daemon-driver-nwfilter-6.0.0-13.16.2
libvirt-daemon-driver-qemu-6.0.0-13.16.2
libvirt-daemon-driver-secret-6.0.0-13.16.2
libvirt-daemon-driver-storage-6.0.0-13.16.2
libvirt-daemon-driver-storage-core-6.0.0-13.16.2
libvirt-daemon-driver-storage-disk-6.0.0-13.16.2
libvirt-daemon-driver-storage-iscsi-6.0.0-13.16.2
libvirt-daemon-driver-storage-logical-6.0.0-13.16.2
libvirt-daemon-driver-storage-mpath-6.0.0-13.16.2
libvirt-daemon-driver-storage-rbd-6.0.0-13.16.2
libvirt-daemon-driver-storage-scsi-6.0.0-13.16.2
libvirt-daemon-hooks-6.0.0-13.16.2
libvirt-daemon-lxc-6.0.0-13.16.2
libvirt-daemon-qemu-6.0.0-13.16.2
libvirt-daemon-xen-6.0.0-13.16.2
libvirt-devel-6.0.0-13.16.2
libvirt-doc-6.0.0-13.16.2
libvirt-lock-sanlock-6.0.0-13.16.2
libvirt-nss-6.0.0-13.16.2
Ссылки
- Link for SUSE-SU-2021:2471-1
- E-Mail link for SUSE-SU-2021:2471-1
- SUSE Security Ratings
- SUSE Bug 1184253
- SUSE Bug 1187871
- SUSE CVE CVE-2021-3631 page
Описание
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.
Затронутые продукты
SUSE Linux Enterprise Micro 5.0:libvirt-daemon-6.0.0-13.16.2
SUSE Linux Enterprise Micro 5.0:libvirt-daemon-driver-interface-6.0.0-13.16.2
SUSE Linux Enterprise Micro 5.0:libvirt-daemon-driver-network-6.0.0-13.16.2
SUSE Linux Enterprise Micro 5.0:libvirt-daemon-driver-nodedev-6.0.0-13.16.2
Ссылки
- CVE-2021-3631
- SUSE Bug 1187871