Описание
Security update for libvirt
This update for libvirt fixes the following issues:
- CVE-2022-0897: Fixed a crash in nwfilter when counting number of network filters (bsc#1197636).
The following non-security bugs were fixed:
- libxl: Mark auto-allocated graphics ports to used on reconnect e0241f33-libxl-mark-allocated-graphics-ports.patch
- libxl: Release all auto-allocated graphics ports 18ec405a-libxl-release-graphics-ports.patch bsc#1191668
Список пакетов
Image SLES12-SP5-Azure-SAP-BYOS
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-Azure-SAP-On-Demand
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-EC2-SAP-BYOS
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-EC2-SAP-On-Demand
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-GCE-SAP-BYOS
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-GCE-SAP-On-Demand
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
libvirt-client-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
SUSE Linux Enterprise Server 12 SP5
libvirt-5.1.0-13.31.1
libvirt-admin-5.1.0-13.31.1
libvirt-client-5.1.0-13.31.1
libvirt-daemon-5.1.0-13.31.1
libvirt-daemon-config-network-5.1.0-13.31.1
libvirt-daemon-config-nwfilter-5.1.0-13.31.1
libvirt-daemon-driver-interface-5.1.0-13.31.1
libvirt-daemon-driver-libxl-5.1.0-13.31.1
libvirt-daemon-driver-lxc-5.1.0-13.31.1
libvirt-daemon-driver-network-5.1.0-13.31.1
libvirt-daemon-driver-nodedev-5.1.0-13.31.1
libvirt-daemon-driver-nwfilter-5.1.0-13.31.1
libvirt-daemon-driver-qemu-5.1.0-13.31.1
libvirt-daemon-driver-secret-5.1.0-13.31.1
libvirt-daemon-driver-storage-5.1.0-13.31.1
libvirt-daemon-driver-storage-core-5.1.0-13.31.1
libvirt-daemon-driver-storage-disk-5.1.0-13.31.1
libvirt-daemon-driver-storage-iscsi-5.1.0-13.31.1
libvirt-daemon-driver-storage-logical-5.1.0-13.31.1
libvirt-daemon-driver-storage-mpath-5.1.0-13.31.1
libvirt-daemon-driver-storage-rbd-5.1.0-13.31.1
libvirt-daemon-driver-storage-scsi-5.1.0-13.31.1
libvirt-daemon-hooks-5.1.0-13.31.1
libvirt-daemon-lxc-5.1.0-13.31.1
libvirt-daemon-qemu-5.1.0-13.31.1
libvirt-daemon-xen-5.1.0-13.31.1
libvirt-doc-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
libvirt-lock-sanlock-5.1.0-13.31.1
libvirt-nss-5.1.0-13.31.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libvirt-5.1.0-13.31.1
libvirt-admin-5.1.0-13.31.1
libvirt-client-5.1.0-13.31.1
libvirt-daemon-5.1.0-13.31.1
libvirt-daemon-config-network-5.1.0-13.31.1
libvirt-daemon-config-nwfilter-5.1.0-13.31.1
libvirt-daemon-driver-interface-5.1.0-13.31.1
libvirt-daemon-driver-libxl-5.1.0-13.31.1
libvirt-daemon-driver-lxc-5.1.0-13.31.1
libvirt-daemon-driver-network-5.1.0-13.31.1
libvirt-daemon-driver-nodedev-5.1.0-13.31.1
libvirt-daemon-driver-nwfilter-5.1.0-13.31.1
libvirt-daemon-driver-qemu-5.1.0-13.31.1
libvirt-daemon-driver-secret-5.1.0-13.31.1
libvirt-daemon-driver-storage-5.1.0-13.31.1
libvirt-daemon-driver-storage-core-5.1.0-13.31.1
libvirt-daemon-driver-storage-disk-5.1.0-13.31.1
libvirt-daemon-driver-storage-iscsi-5.1.0-13.31.1
libvirt-daemon-driver-storage-logical-5.1.0-13.31.1
libvirt-daemon-driver-storage-mpath-5.1.0-13.31.1
libvirt-daemon-driver-storage-rbd-5.1.0-13.31.1
libvirt-daemon-driver-storage-scsi-5.1.0-13.31.1
libvirt-daemon-hooks-5.1.0-13.31.1
libvirt-daemon-lxc-5.1.0-13.31.1
libvirt-daemon-qemu-5.1.0-13.31.1
libvirt-daemon-xen-5.1.0-13.31.1
libvirt-doc-5.1.0-13.31.1
libvirt-libs-5.1.0-13.31.1
libvirt-lock-sanlock-5.1.0-13.31.1
libvirt-nss-5.1.0-13.31.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libvirt-devel-5.1.0-13.31.1
Ссылки
- Link for SUSE-SU-2022:1540-1
- E-Mail link for SUSE-SU-2022:1540-1
- SUSE Security Ratings
- SUSE Bug 1191668
- SUSE Bug 1197636
- SUSE CVE CVE-2022-0897 page
Описание
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
Затронутые продукты
Image SLES12-SP5-Azure-SAP-BYOS:libvirt-client-5.1.0-13.31.1
Image SLES12-SP5-Azure-SAP-BYOS:libvirt-libs-5.1.0-13.31.1
Image SLES12-SP5-Azure-SAP-On-Demand:libvirt-client-5.1.0-13.31.1
Image SLES12-SP5-Azure-SAP-On-Demand:libvirt-libs-5.1.0-13.31.1
Ссылки
- CVE-2022-0897
- SUSE Bug 1197636