Описание
Security update for libvirt
This update for libvirt fixes the following issues:
- CVE-2022-0897: Fixed a crash in nwfilter when counting number of network filters (bsc#1197636).
The following non-security bugs were fixed:
-
qemu: Improve save operation by increasing pipe size c61d1e9b-virfile-set-pipe-size.patch, 47d6d185-virfile-fix-indent.patch, cd7acb33-virfile-report-error.patch bsc#1196625
-
qemu: Directly query KVM for TSC scaling support 5df2c492-use-kvm-for-tsc-scaling.patch bsc#1193364
Список пакетов
Image SLES15-SP3-SAP-BYOS-Azure
libvirt-client-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM
libvirt-client-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
Image SLES15-SP3-SAP-BYOS-GCE
libvirt-client-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
SUSE Linux Enterprise Micro 5.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
SUSE Linux Enterprise Micro 5.2
libvirt-client-7.1.0-150300.6.29.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
libvirt-libs-7.1.0-150300.6.29.1
SUSE Linux Enterprise Module for Server Applications 15 SP3
libvirt-7.1.0-150300.6.29.1
libvirt-admin-7.1.0-150300.6.29.1
libvirt-bash-completion-7.1.0-150300.6.29.1
libvirt-client-7.1.0-150300.6.29.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-config-network-7.1.0-150300.6.29.1
libvirt-daemon-config-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-libxl-7.1.0-150300.6.29.1
libvirt-daemon-driver-lxc-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-hooks-7.1.0-150300.6.29.1
libvirt-daemon-lxc-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-daemon-xen-7.1.0-150300.6.29.1
libvirt-devel-7.1.0-150300.6.29.1
libvirt-doc-7.1.0-150300.6.29.1
libvirt-lock-sanlock-7.1.0-150300.6.29.1
libvirt-nss-7.1.0-150300.6.29.1
openSUSE Leap 15.3
libvirt-7.1.0-150300.6.29.1
libvirt-admin-7.1.0-150300.6.29.1
libvirt-bash-completion-7.1.0-150300.6.29.1
libvirt-client-7.1.0-150300.6.29.1
libvirt-daemon-7.1.0-150300.6.29.1
libvirt-daemon-config-network-7.1.0-150300.6.29.1
libvirt-daemon-config-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-interface-7.1.0-150300.6.29.1
libvirt-daemon-driver-libxl-7.1.0-150300.6.29.1
libvirt-daemon-driver-lxc-7.1.0-150300.6.29.1
libvirt-daemon-driver-network-7.1.0-150300.6.29.1
libvirt-daemon-driver-nodedev-7.1.0-150300.6.29.1
libvirt-daemon-driver-nwfilter-7.1.0-150300.6.29.1
libvirt-daemon-driver-qemu-7.1.0-150300.6.29.1
libvirt-daemon-driver-secret-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-core-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-disk-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-gluster-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-iscsi-direct-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-logical-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-mpath-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-rbd-7.1.0-150300.6.29.1
libvirt-daemon-driver-storage-scsi-7.1.0-150300.6.29.1
libvirt-daemon-hooks-7.1.0-150300.6.29.1
libvirt-daemon-lxc-7.1.0-150300.6.29.1
libvirt-daemon-qemu-7.1.0-150300.6.29.1
libvirt-daemon-xen-7.1.0-150300.6.29.1
libvirt-devel-7.1.0-150300.6.29.1
libvirt-devel-32bit-7.1.0-150300.6.29.1
libvirt-doc-7.1.0-150300.6.29.1
libvirt-libs-7.1.0-150300.6.29.1
libvirt-lock-sanlock-7.1.0-150300.6.29.1
libvirt-nss-7.1.0-150300.6.29.1
wireshark-plugin-libvirt-7.1.0-150300.6.29.1
openSUSE Leap 15.4
libvirt-admin-7.1.0-150300.6.29.1
libvirt-bash-completion-7.1.0-150300.6.29.1
Ссылки
- Link for SUSE-SU-2022:1549-1
- E-Mail link for SUSE-SU-2022:1549-1
- SUSE Security Ratings
- SUSE Bug 1193364
- SUSE Bug 1196625
- SUSE Bug 1197636
- SUSE CVE CVE-2022-0897 page
Описание
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilters object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt's API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).
Затронутые продукты
Image SLES15-SP3-SAP-BYOS-Azure:libvirt-client-7.1.0-150300.6.29.1
Image SLES15-SP3-SAP-BYOS-Azure:libvirt-libs-7.1.0-150300.6.29.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM:libvirt-client-7.1.0-150300.6.29.1
Image SLES15-SP3-SAP-BYOS-EC2-HVM:libvirt-libs-7.1.0-150300.6.29.1
Ссылки
- CVE-2022-0897
- SUSE Bug 1197636