Описание
Security update for libvirt
This update for libvirt fixes the following issues:
- CVE-2021-4147: libxl: Fix libvirtd deadlocks and segfaults. (bsc#1194041)
- CVE-2021-3975: Add missing lock in qemuProcessHandleMonitorEOF. (bsc#1192876)
Список пакетов
Image SLES15-SAP-Azure
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-Azure-BYOS
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-Azure-LI-BYOS-Production
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-EC2-HVM
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-EC2-HVM-BYOS
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-GCE
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-GCE-BYOS
libvirt-client-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
libvirt-4.0.0-9.40.1
libvirt-admin-4.0.0-9.40.1
libvirt-client-4.0.0-9.40.1
libvirt-daemon-4.0.0-9.40.1
libvirt-daemon-config-network-4.0.0-9.40.1
libvirt-daemon-config-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-interface-4.0.0-9.40.1
libvirt-daemon-driver-libxl-4.0.0-9.40.1
libvirt-daemon-driver-lxc-4.0.0-9.40.1
libvirt-daemon-driver-network-4.0.0-9.40.1
libvirt-daemon-driver-nodedev-4.0.0-9.40.1
libvirt-daemon-driver-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-qemu-4.0.0-9.40.1
libvirt-daemon-driver-secret-4.0.0-9.40.1
libvirt-daemon-driver-storage-4.0.0-9.40.1
libvirt-daemon-driver-storage-core-4.0.0-9.40.1
libvirt-daemon-driver-storage-disk-4.0.0-9.40.1
libvirt-daemon-driver-storage-iscsi-4.0.0-9.40.1
libvirt-daemon-driver-storage-logical-4.0.0-9.40.1
libvirt-daemon-driver-storage-mpath-4.0.0-9.40.1
libvirt-daemon-driver-storage-rbd-4.0.0-9.40.1
libvirt-daemon-driver-storage-scsi-4.0.0-9.40.1
libvirt-daemon-hooks-4.0.0-9.40.1
libvirt-daemon-lxc-4.0.0-9.40.1
libvirt-daemon-qemu-4.0.0-9.40.1
libvirt-daemon-xen-4.0.0-9.40.1
libvirt-devel-4.0.0-9.40.1
libvirt-doc-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
libvirt-lock-sanlock-4.0.0-9.40.1
libvirt-nss-4.0.0-9.40.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
libvirt-4.0.0-9.40.1
libvirt-admin-4.0.0-9.40.1
libvirt-client-4.0.0-9.40.1
libvirt-daemon-4.0.0-9.40.1
libvirt-daemon-config-network-4.0.0-9.40.1
libvirt-daemon-config-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-interface-4.0.0-9.40.1
libvirt-daemon-driver-libxl-4.0.0-9.40.1
libvirt-daemon-driver-lxc-4.0.0-9.40.1
libvirt-daemon-driver-network-4.0.0-9.40.1
libvirt-daemon-driver-nodedev-4.0.0-9.40.1
libvirt-daemon-driver-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-qemu-4.0.0-9.40.1
libvirt-daemon-driver-secret-4.0.0-9.40.1
libvirt-daemon-driver-storage-4.0.0-9.40.1
libvirt-daemon-driver-storage-core-4.0.0-9.40.1
libvirt-daemon-driver-storage-disk-4.0.0-9.40.1
libvirt-daemon-driver-storage-iscsi-4.0.0-9.40.1
libvirt-daemon-driver-storage-logical-4.0.0-9.40.1
libvirt-daemon-driver-storage-mpath-4.0.0-9.40.1
libvirt-daemon-driver-storage-rbd-4.0.0-9.40.1
libvirt-daemon-driver-storage-scsi-4.0.0-9.40.1
libvirt-daemon-hooks-4.0.0-9.40.1
libvirt-daemon-lxc-4.0.0-9.40.1
libvirt-daemon-qemu-4.0.0-9.40.1
libvirt-daemon-xen-4.0.0-9.40.1
libvirt-devel-4.0.0-9.40.1
libvirt-doc-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
libvirt-lock-sanlock-4.0.0-9.40.1
libvirt-nss-4.0.0-9.40.1
SUSE Linux Enterprise Server 15-LTSS
libvirt-4.0.0-9.40.1
libvirt-admin-4.0.0-9.40.1
libvirt-client-4.0.0-9.40.1
libvirt-daemon-4.0.0-9.40.1
libvirt-daemon-config-network-4.0.0-9.40.1
libvirt-daemon-config-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-interface-4.0.0-9.40.1
libvirt-daemon-driver-libxl-4.0.0-9.40.1
libvirt-daemon-driver-lxc-4.0.0-9.40.1
libvirt-daemon-driver-network-4.0.0-9.40.1
libvirt-daemon-driver-nodedev-4.0.0-9.40.1
libvirt-daemon-driver-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-qemu-4.0.0-9.40.1
libvirt-daemon-driver-secret-4.0.0-9.40.1
libvirt-daemon-driver-storage-4.0.0-9.40.1
libvirt-daemon-driver-storage-core-4.0.0-9.40.1
libvirt-daemon-driver-storage-disk-4.0.0-9.40.1
libvirt-daemon-driver-storage-iscsi-4.0.0-9.40.1
libvirt-daemon-driver-storage-logical-4.0.0-9.40.1
libvirt-daemon-driver-storage-mpath-4.0.0-9.40.1
libvirt-daemon-driver-storage-rbd-4.0.0-9.40.1
libvirt-daemon-driver-storage-scsi-4.0.0-9.40.1
libvirt-daemon-hooks-4.0.0-9.40.1
libvirt-daemon-lxc-4.0.0-9.40.1
libvirt-daemon-qemu-4.0.0-9.40.1
libvirt-daemon-xen-4.0.0-9.40.1
libvirt-devel-4.0.0-9.40.1
libvirt-doc-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
libvirt-lock-sanlock-4.0.0-9.40.1
libvirt-nss-4.0.0-9.40.1
SUSE Linux Enterprise Server for SAP Applications 15
libvirt-4.0.0-9.40.1
libvirt-admin-4.0.0-9.40.1
libvirt-client-4.0.0-9.40.1
libvirt-daemon-4.0.0-9.40.1
libvirt-daemon-config-network-4.0.0-9.40.1
libvirt-daemon-config-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-interface-4.0.0-9.40.1
libvirt-daemon-driver-libxl-4.0.0-9.40.1
libvirt-daemon-driver-lxc-4.0.0-9.40.1
libvirt-daemon-driver-network-4.0.0-9.40.1
libvirt-daemon-driver-nodedev-4.0.0-9.40.1
libvirt-daemon-driver-nwfilter-4.0.0-9.40.1
libvirt-daemon-driver-qemu-4.0.0-9.40.1
libvirt-daemon-driver-secret-4.0.0-9.40.1
libvirt-daemon-driver-storage-4.0.0-9.40.1
libvirt-daemon-driver-storage-core-4.0.0-9.40.1
libvirt-daemon-driver-storage-disk-4.0.0-9.40.1
libvirt-daemon-driver-storage-iscsi-4.0.0-9.40.1
libvirt-daemon-driver-storage-logical-4.0.0-9.40.1
libvirt-daemon-driver-storage-mpath-4.0.0-9.40.1
libvirt-daemon-driver-storage-rbd-4.0.0-9.40.1
libvirt-daemon-driver-storage-scsi-4.0.0-9.40.1
libvirt-daemon-hooks-4.0.0-9.40.1
libvirt-daemon-lxc-4.0.0-9.40.1
libvirt-daemon-qemu-4.0.0-9.40.1
libvirt-daemon-xen-4.0.0-9.40.1
libvirt-devel-4.0.0-9.40.1
libvirt-doc-4.0.0-9.40.1
libvirt-libs-4.0.0-9.40.1
libvirt-lock-sanlock-4.0.0-9.40.1
libvirt-nss-4.0.0-9.40.1
Ссылки
- Link for SUSE-SU-2022:0031-1
- E-Mail link for SUSE-SU-2022:0031-1
- SUSE Security Ratings
- SUSE Bug 1192876
- SUSE Bug 1193981
- SUSE Bug 1194041
- SUSE CVE CVE-2021-3975 page
- SUSE CVE CVE-2021-4147 page
Описание
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
Затронутые продукты
Image SLES15-SAP-Azure-BYOS:libvirt-client-4.0.0-9.40.1
Image SLES15-SAP-Azure-BYOS:libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-Azure-LI-BYOS-Production:libvirt-client-4.0.0-9.40.1
Image SLES15-SAP-Azure-LI-BYOS-Production:libvirt-libs-4.0.0-9.40.1
Ссылки
- CVE-2021-3975
- SUSE Bug 1192876
Описание
A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition.
Затронутые продукты
Image SLES15-SAP-Azure-BYOS:libvirt-client-4.0.0-9.40.1
Image SLES15-SAP-Azure-BYOS:libvirt-libs-4.0.0-9.40.1
Image SLES15-SAP-Azure-LI-BYOS-Production:libvirt-client-4.0.0-9.40.1
Image SLES15-SAP-Azure-LI-BYOS-Production:libvirt-libs-4.0.0-9.40.1
Ссылки
- CVE-2021-4147
- SUSE Bug 1194041
- SUSE Bug 1194313