SUSE-SU-2024:1100-1

Опубликовано: 03 апр. 2024

Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes the following issues:

CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815)

The following non-security bug was fixed:

Avoid memleak in virNodeDeviceGetPCIVPDDynamicCap() (bsc#1221749).

Список пакетов

Image SLES15-SP4-SAP-BYOS

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-BYOS-Azure

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-BYOS-EC2

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-BYOS-GCE

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened-Azure

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened-BYOS

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-Hardened-GCE

libvirt-client-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

libvirt-8.0.0-150400.7.11.2

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-config-network-8.0.0-150400.7.11.2

libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-hooks-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-daemon-xen-8.0.0-150400.7.11.2

libvirt-devel-8.0.0-150400.7.11.2

libvirt-doc-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

libvirt-lock-sanlock-8.0.0-150400.7.11.2

libvirt-nss-8.0.0-150400.7.11.2

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

libvirt-8.0.0-150400.7.11.2

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-config-network-8.0.0-150400.7.11.2

libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-hooks-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-daemon-xen-8.0.0-150400.7.11.2

libvirt-devel-8.0.0-150400.7.11.2

libvirt-doc-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

libvirt-lock-sanlock-8.0.0-150400.7.11.2

libvirt-nss-8.0.0-150400.7.11.2

SUSE Linux Enterprise Micro 5.3

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

SUSE Linux Enterprise Micro 5.4

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

SUSE Linux Enterprise Server 15 SP4-LTSS

libvirt-8.0.0-150400.7.11.2

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-config-network-8.0.0-150400.7.11.2

libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-hooks-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-daemon-xen-8.0.0-150400.7.11.2

libvirt-devel-8.0.0-150400.7.11.2

libvirt-doc-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

libvirt-lock-sanlock-8.0.0-150400.7.11.2

libvirt-nss-8.0.0-150400.7.11.2

SUSE Linux Enterprise Server for SAP Applications 15 SP4

libvirt-8.0.0-150400.7.11.2

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-config-network-8.0.0-150400.7.11.2

libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-hooks-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-daemon-xen-8.0.0-150400.7.11.2

libvirt-devel-8.0.0-150400.7.11.2

libvirt-doc-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

libvirt-lock-sanlock-8.0.0-150400.7.11.2

libvirt-nss-8.0.0-150400.7.11.2

SUSE Manager Proxy 4.3

libvirt-8.0.0-150400.7.11.2

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-config-network-8.0.0-150400.7.11.2

libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-hooks-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-daemon-xen-8.0.0-150400.7.11.2

libvirt-devel-8.0.0-150400.7.11.2

libvirt-doc-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

libvirt-lock-sanlock-8.0.0-150400.7.11.2

libvirt-nss-8.0.0-150400.7.11.2

SUSE Manager Server 4.3

libvirt-8.0.0-150400.7.11.2

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-config-network-8.0.0-150400.7.11.2

libvirt-daemon-config-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-libxl-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-hooks-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-daemon-xen-8.0.0-150400.7.11.2

libvirt-devel-8.0.0-150400.7.11.2

libvirt-doc-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

libvirt-lock-sanlock-8.0.0-150400.7.11.2

libvirt-nss-8.0.0-150400.7.11.2

openSUSE Leap Micro 5.3

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

openSUSE Leap Micro 5.4

libvirt-client-8.0.0-150400.7.11.2

libvirt-daemon-8.0.0-150400.7.11.2

libvirt-daemon-driver-interface-8.0.0-150400.7.11.2

libvirt-daemon-driver-network-8.0.0-150400.7.11.2

libvirt-daemon-driver-nodedev-8.0.0-150400.7.11.2

libvirt-daemon-driver-nwfilter-8.0.0-150400.7.11.2

libvirt-daemon-driver-qemu-8.0.0-150400.7.11.2

libvirt-daemon-driver-secret-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-core-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-disk-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-iscsi-direct-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-logical-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-mpath-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-rbd-8.0.0-150400.7.11.2

libvirt-daemon-driver-storage-scsi-8.0.0-150400.7.11.2

libvirt-daemon-qemu-8.0.0-150400.7.11.2

libvirt-libs-8.0.0-150400.7.11.2

Ссылки

https://www.suse.com/support/update/announcement/2024/suse-su-20241100-1/
Link for SUSE-SU-2024:1100-1
https://lists.suse.com/pipermail/sle-updates/2024-April/034895.html
E-Mail link for SUSE-SU-2024:1100-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1221749
SUSE Bug 1221749
https://bugzilla.suse.com/1221815
SUSE Bug 1221815
https://www.suse.com/security/cve/CVE-2024-2494/
SUSE CVE CVE-2024-2494 page

Описание

A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.

Затронутые продукты

Image SLES15-SP4-SAP-BYOS-Azure:libvirt-client-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-BYOS-Azure:libvirt-libs-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-BYOS-EC2:libvirt-client-8.0.0-150400.7.11.2

Image SLES15-SP4-SAP-BYOS-EC2:libvirt-libs-8.0.0-150400.7.11.2

Ссылки

https://www.suse.com/security/cve/CVE-2024-2494.html
CVE-2024-2494
https://bugzilla.suse.com/1221815
SUSE Bug 1221815

SUSE-SU-2024:1100-1

Описание

Список пакетов

Image SLES15-SP4-SAP-BYOS

Image SLES15-SP4-SAP-BYOS-Azure

Image SLES15-SP4-SAP-BYOS-EC2

Image SLES15-SP4-SAP-BYOS-GCE

Image SLES15-SP4-SAP-Hardened

Image SLES15-SP4-SAP-Hardened-Azure

Image SLES15-SP4-SAP-Hardened-BYOS

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

Image SLES15-SP4-SAP-Hardened-GCE

SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS

SUSE Linux Enterprise Micro 5.3

SUSE Linux Enterprise Micro 5.4

SUSE Linux Enterprise Server 15 SP4-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP4

SUSE Manager Proxy 4.3

SUSE Manager Server 4.3

openSUSE Leap Micro 5.3

openSUSE Leap Micro 5.4

Ссылки

Уязвимость: CVE-2024-2494

Описание

Затронутые продукты

Ссылки