SUSE-SU-2023:2356-1

Опубликовано: 02 июн. 2023

Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes the following issues:

CVE-2023-2700: Fixed a memory leak that could be triggered by repeatedly querying an SR-IOV PCI device's capabilities (bsc#1211390).

Non-security fixes:

Fixed a potential crash during driver cleanup (bsc#1209861).
Added Apparmor support for SUSE edk2 firmware paths (boo#1208567).
Fixed lxc container initialization with systemd and hybrid groups (boo#1183247).
Added the option to specify the virtual CPU address size in bits for qemu (bsc#1199583).

Список пакетов

Image SLES15-SP4-SAP-BYOS

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-BYOS-Azure

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-BYOS-EC2

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-BYOS-GCE

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened-Azure

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened-BYOS

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-Hardened-GCE

libvirt-client-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

SUSE Linux Enterprise Micro 5.3

libvirt-client-8.0.0-150400.7.6.1

libvirt-daemon-8.0.0-150400.7.6.1

libvirt-daemon-driver-interface-8.0.0-150400.7.6.1

libvirt-daemon-driver-network-8.0.0-150400.7.6.1

libvirt-daemon-driver-nodedev-8.0.0-150400.7.6.1

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-qemu-8.0.0-150400.7.6.1

libvirt-daemon-driver-secret-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-core-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.6.1

libvirt-daemon-qemu-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

SUSE Linux Enterprise Micro 5.4

libvirt-client-8.0.0-150400.7.6.1

libvirt-daemon-8.0.0-150400.7.6.1

libvirt-daemon-driver-interface-8.0.0-150400.7.6.1

libvirt-daemon-driver-network-8.0.0-150400.7.6.1

libvirt-daemon-driver-nodedev-8.0.0-150400.7.6.1

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-qemu-8.0.0-150400.7.6.1

libvirt-daemon-driver-secret-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-core-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.6.1

libvirt-daemon-qemu-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

SUSE Linux Enterprise Module for Basesystem 15 SP4

libvirt-libs-8.0.0-150400.7.6.1

SUSE Linux Enterprise Module for Server Applications 15 SP4

libvirt-8.0.0-150400.7.6.1

libvirt-client-8.0.0-150400.7.6.1

libvirt-daemon-8.0.0-150400.7.6.1

libvirt-daemon-config-network-8.0.0-150400.7.6.1

libvirt-daemon-config-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-interface-8.0.0-150400.7.6.1

libvirt-daemon-driver-libxl-8.0.0-150400.7.6.1

libvirt-daemon-driver-network-8.0.0-150400.7.6.1

libvirt-daemon-driver-nodedev-8.0.0-150400.7.6.1

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-qemu-8.0.0-150400.7.6.1

libvirt-daemon-driver-secret-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-core-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.6.1

libvirt-daemon-hooks-8.0.0-150400.7.6.1

libvirt-daemon-qemu-8.0.0-150400.7.6.1

libvirt-daemon-xen-8.0.0-150400.7.6.1

libvirt-devel-8.0.0-150400.7.6.1

libvirt-doc-8.0.0-150400.7.6.1

libvirt-lock-sanlock-8.0.0-150400.7.6.1

libvirt-nss-8.0.0-150400.7.6.1

openSUSE Leap 15.4

libvirt-8.0.0-150400.7.6.1

libvirt-client-8.0.0-150400.7.6.1

libvirt-daemon-8.0.0-150400.7.6.1

libvirt-daemon-config-network-8.0.0-150400.7.6.1

libvirt-daemon-config-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-interface-8.0.0-150400.7.6.1

libvirt-daemon-driver-libxl-8.0.0-150400.7.6.1

libvirt-daemon-driver-lxc-8.0.0-150400.7.6.1

libvirt-daemon-driver-network-8.0.0-150400.7.6.1

libvirt-daemon-driver-nodedev-8.0.0-150400.7.6.1

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-qemu-8.0.0-150400.7.6.1

libvirt-daemon-driver-secret-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-core-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-gluster-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.6.1

libvirt-daemon-hooks-8.0.0-150400.7.6.1

libvirt-daemon-lxc-8.0.0-150400.7.6.1

libvirt-daemon-qemu-8.0.0-150400.7.6.1

libvirt-daemon-xen-8.0.0-150400.7.6.1

libvirt-devel-8.0.0-150400.7.6.1

libvirt-devel-32bit-8.0.0-150400.7.6.1

libvirt-doc-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

libvirt-lock-sanlock-8.0.0-150400.7.6.1

libvirt-nss-8.0.0-150400.7.6.1

wireshark-plugin-libvirt-8.0.0-150400.7.6.1

openSUSE Leap Micro 5.3

libvirt-client-8.0.0-150400.7.6.1

libvirt-daemon-8.0.0-150400.7.6.1

libvirt-daemon-driver-interface-8.0.0-150400.7.6.1

libvirt-daemon-driver-network-8.0.0-150400.7.6.1

libvirt-daemon-driver-nodedev-8.0.0-150400.7.6.1

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.6.1

libvirt-daemon-driver-qemu-8.0.0-150400.7.6.1

libvirt-daemon-driver-secret-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-core-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.6.1

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.6.1

libvirt-daemon-qemu-8.0.0-150400.7.6.1

libvirt-libs-8.0.0-150400.7.6.1

Ссылки

https://www.suse.com/support/update/announcement/2023/suse-su-20232356-1/
Link for SUSE-SU-2023:2356-1
https://lists.suse.com/pipermail/sle-updates/2023-June/029679.html
E-Mail link for SUSE-SU-2023:2356-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1183247
SUSE Bug 1183247
https://bugzilla.suse.com/1199583
SUSE Bug 1199583
https://bugzilla.suse.com/1208567
SUSE Bug 1208567
https://bugzilla.suse.com/1209861
SUSE Bug 1209861
https://bugzilla.suse.com/1211390
SUSE Bug 1211390
https://www.suse.com/security/cve/CVE-2023-2700/
SUSE CVE CVE-2023-2700 page

Описание

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

Затронутые продукты

Image SLES15-SP4-SAP-BYOS-Azure:libvirt-client-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-BYOS-Azure:libvirt-libs-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-BYOS-EC2:libvirt-client-8.0.0-150400.7.6.1

Image SLES15-SP4-SAP-BYOS-EC2:libvirt-libs-8.0.0-150400.7.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2023-2700.html
CVE-2023-2700
https://bugzilla.suse.com/1211390
SUSE Bug 1211390

SUSE-SU-2023:2356-1

Описание

Список пакетов

Image SLES15-SP4-SAP-BYOS

Image SLES15-SP4-SAP-BYOS-Azure

Image SLES15-SP4-SAP-BYOS-EC2

Image SLES15-SP4-SAP-BYOS-GCE

Image SLES15-SP4-SAP-Hardened

Image SLES15-SP4-SAP-Hardened-Azure

Image SLES15-SP4-SAP-Hardened-BYOS

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

Image SLES15-SP4-SAP-Hardened-GCE

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Module for Basesystem 15 SP4

SUSE Linux Enterprise Module for Server Applications 15 SP4

openSUSE Leap 15.4

openSUSE Leap Micro 5.3

Ссылки

Уязвимость: CVE-2023-2700

Описание

Затронутые продукты

Ссылки