Описание
Security update for libvirt
This update for libvirt fixes the following issues:
Security fixes:
- CVE-2023-3750: Fixed mproper locking in virStoragePoolObjListSearch that may lead to denial of service (bsc#1213447).
Other fixes:
- build library with support for modular daemons (bsc#1213352).
Список пакетов
Image SLES15-SP5-SAP-Azure-3P
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-BYOS-Azure
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-BYOS-EC2
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-BYOS-GCE
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-Hardened-Azure
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-Hardened-BYOS-Azure
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-Hardened-BYOS-EC2
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-Hardened-BYOS-GCE
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-Hardened-GCE
libvirt-client-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
SUSE Linux Enterprise Module for Basesystem 15 SP5
libvirt-libs-9.0.0-150500.6.11.1
SUSE Linux Enterprise Module for Server Applications 15 SP5
libvirt-9.0.0-150500.6.11.1
libvirt-client-9.0.0-150500.6.11.1
libvirt-client-qemu-9.0.0-150500.6.11.1
libvirt-daemon-9.0.0-150500.6.11.1
libvirt-daemon-config-network-9.0.0-150500.6.11.1
libvirt-daemon-config-nwfilter-9.0.0-150500.6.11.1
libvirt-daemon-driver-interface-9.0.0-150500.6.11.1
libvirt-daemon-driver-libxl-9.0.0-150500.6.11.1
libvirt-daemon-driver-network-9.0.0-150500.6.11.1
libvirt-daemon-driver-nodedev-9.0.0-150500.6.11.1
libvirt-daemon-driver-nwfilter-9.0.0-150500.6.11.1
libvirt-daemon-driver-qemu-9.0.0-150500.6.11.1
libvirt-daemon-driver-secret-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-core-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-disk-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-iscsi-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-iscsi-direct-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-logical-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-mpath-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-rbd-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-scsi-9.0.0-150500.6.11.1
libvirt-daemon-hooks-9.0.0-150500.6.11.1
libvirt-daemon-qemu-9.0.0-150500.6.11.1
libvirt-daemon-xen-9.0.0-150500.6.11.1
libvirt-devel-9.0.0-150500.6.11.1
libvirt-doc-9.0.0-150500.6.11.1
libvirt-lock-sanlock-9.0.0-150500.6.11.1
libvirt-nss-9.0.0-150500.6.11.1
openSUSE Leap 15.5
libvirt-9.0.0-150500.6.11.1
libvirt-client-9.0.0-150500.6.11.1
libvirt-client-qemu-9.0.0-150500.6.11.1
libvirt-daemon-9.0.0-150500.6.11.1
libvirt-daemon-config-network-9.0.0-150500.6.11.1
libvirt-daemon-config-nwfilter-9.0.0-150500.6.11.1
libvirt-daemon-driver-interface-9.0.0-150500.6.11.1
libvirt-daemon-driver-libxl-9.0.0-150500.6.11.1
libvirt-daemon-driver-lxc-9.0.0-150500.6.11.1
libvirt-daemon-driver-network-9.0.0-150500.6.11.1
libvirt-daemon-driver-nodedev-9.0.0-150500.6.11.1
libvirt-daemon-driver-nwfilter-9.0.0-150500.6.11.1
libvirt-daemon-driver-qemu-9.0.0-150500.6.11.1
libvirt-daemon-driver-secret-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-core-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-disk-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-gluster-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-iscsi-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-iscsi-direct-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-logical-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-mpath-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-rbd-9.0.0-150500.6.11.1
libvirt-daemon-driver-storage-scsi-9.0.0-150500.6.11.1
libvirt-daemon-hooks-9.0.0-150500.6.11.1
libvirt-daemon-lxc-9.0.0-150500.6.11.1
libvirt-daemon-qemu-9.0.0-150500.6.11.1
libvirt-daemon-xen-9.0.0-150500.6.11.1
libvirt-devel-9.0.0-150500.6.11.1
libvirt-devel-32bit-9.0.0-150500.6.11.1
libvirt-doc-9.0.0-150500.6.11.1
libvirt-libs-9.0.0-150500.6.11.1
libvirt-lock-sanlock-9.0.0-150500.6.11.1
libvirt-nss-9.0.0-150500.6.11.1
wireshark-plugin-libvirt-9.0.0-150500.6.11.1
Ссылки
- Link for SUSE-SU-2023:3043-1
- E-Mail link for SUSE-SU-2023:3043-1
- SUSE Security Ratings
- SUSE Bug 1213352
- SUSE Bug 1213447
- SUSE CVE CVE-2023-3750 page
Описание
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.
Затронутые продукты
Image SLES15-SP5-SAP-Azure-3P:libvirt-client-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-Azure-3P:libvirt-libs-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-BYOS-Azure:libvirt-client-9.0.0-150500.6.11.1
Image SLES15-SP5-SAP-BYOS-Azure:libvirt-libs-9.0.0-150500.6.11.1
Ссылки
- CVE-2023-3750
- SUSE Bug 1213447