SUSE-SU-2024:1962-1

Published: 10 Jun 2024
Source: suse-cvrf

Description

Security update for libvirt

This update for libvirt fixes the following issues:

  • CVE-2024-4418: Fixed a stack use-after-free by ensuring temporary GSource is removed from client event loop. (bsc#1223849)

Package list

Container suse/manager/5.0/x86_64/server:latest
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS-Azure
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS-EC2
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS-GCE
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-Azure
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-BYOS
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-BYOS-Azure
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-BYOS-EC2
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-BYOS-GCE
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-EC2
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-Hardened-GCE
libvirt-client-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
SUSE Linux Enterprise Module for Basesystem 15 SP6
libvirt-libs-10.0.0-150600.8.3.1
SUSE Linux Enterprise Module for Server Applications 15 SP6
libvirt-10.0.0-150600.8.3.1
libvirt-client-10.0.0-150600.8.3.1
libvirt-client-qemu-10.0.0-150600.8.3.1
libvirt-daemon-10.0.0-150600.8.3.1
libvirt-daemon-common-10.0.0-150600.8.3.1
libvirt-daemon-config-network-10.0.0-150600.8.3.1
libvirt-daemon-config-nwfilter-10.0.0-150600.8.3.1
libvirt-daemon-driver-interface-10.0.0-150600.8.3.1
libvirt-daemon-driver-libxl-10.0.0-150600.8.3.1
libvirt-daemon-driver-network-10.0.0-150600.8.3.1
libvirt-daemon-driver-nodedev-10.0.0-150600.8.3.1
libvirt-daemon-driver-nwfilter-10.0.0-150600.8.3.1
libvirt-daemon-driver-qemu-10.0.0-150600.8.3.1
libvirt-daemon-driver-secret-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-core-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-disk-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-logical-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.3.1
libvirt-daemon-hooks-10.0.0-150600.8.3.1
libvirt-daemon-lock-10.0.0-150600.8.3.1
libvirt-daemon-log-10.0.0-150600.8.3.1
libvirt-daemon-plugin-lockd-10.0.0-150600.8.3.1
libvirt-daemon-plugin-sanlock-10.0.0-150600.8.3.1
libvirt-daemon-proxy-10.0.0-150600.8.3.1
libvirt-daemon-qemu-10.0.0-150600.8.3.1
libvirt-daemon-xen-10.0.0-150600.8.3.1
libvirt-devel-10.0.0-150600.8.3.1
libvirt-doc-10.0.0-150600.8.3.1
libvirt-nss-10.0.0-150600.8.3.1
openSUSE Leap 15.6
libvirt-10.0.0-150600.8.3.1
libvirt-client-10.0.0-150600.8.3.1
libvirt-client-qemu-10.0.0-150600.8.3.1
libvirt-daemon-10.0.0-150600.8.3.1
libvirt-daemon-common-10.0.0-150600.8.3.1
libvirt-daemon-config-network-10.0.0-150600.8.3.1
libvirt-daemon-config-nwfilter-10.0.0-150600.8.3.1
libvirt-daemon-driver-interface-10.0.0-150600.8.3.1
libvirt-daemon-driver-libxl-10.0.0-150600.8.3.1
libvirt-daemon-driver-lxc-10.0.0-150600.8.3.1
libvirt-daemon-driver-network-10.0.0-150600.8.3.1
libvirt-daemon-driver-nodedev-10.0.0-150600.8.3.1
libvirt-daemon-driver-nwfilter-10.0.0-150600.8.3.1
libvirt-daemon-driver-qemu-10.0.0-150600.8.3.1
libvirt-daemon-driver-secret-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-core-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-disk-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-gluster-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-iscsi-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-iscsi-direct-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-logical-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-mpath-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-rbd-10.0.0-150600.8.3.1
libvirt-daemon-driver-storage-scsi-10.0.0-150600.8.3.1
libvirt-daemon-hooks-10.0.0-150600.8.3.1
libvirt-daemon-lock-10.0.0-150600.8.3.1
libvirt-daemon-log-10.0.0-150600.8.3.1
libvirt-daemon-lxc-10.0.0-150600.8.3.1
libvirt-daemon-plugin-lockd-10.0.0-150600.8.3.1
libvirt-daemon-plugin-sanlock-10.0.0-150600.8.3.1
libvirt-daemon-proxy-10.0.0-150600.8.3.1
libvirt-daemon-qemu-10.0.0-150600.8.3.1
libvirt-daemon-xen-10.0.0-150600.8.3.1
libvirt-devel-10.0.0-150600.8.3.1
libvirt-devel-32bit-10.0.0-150600.8.3.1
libvirt-doc-10.0.0-150600.8.3.1
libvirt-libs-10.0.0-150600.8.3.1
libvirt-nss-10.0.0-150600.8.3.1
wireshark-plugin-libvirt-10.0.0-150600.8.3.1

Description

A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop() method, the `data` pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's stack frame was concurrently being "freed" when returning from virNetClientIOEventLoop(). The 'virtproxyd' daemon can be used to trigger requests. If libvirt is configured with fine-grained access control, this issue, in theory, allows a user to escape their otherwise limited access. This flaw allows a local, unprivileged user to access virtproxyd without authenticating. Remote users would need to authenticate before they could access it.
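The lifetime error described above, reduced to a single-threaded model, as an added example that is not libvirt's code: a callback registered with a pointer to a stack variable must be unregistered before the owning function returns, which is the invariant the fix restores by removing the temporary GSource. The toy event loop and every name except virNetClientIOEventData are hypothetical, and the model only counts leftover registrations rather than reproducing the race or touching a dead frame.

```c
#include <stddef.h>

/* Toy event loop, constructed for illustration (not GLib, not libvirt). */
#define MAX_SOURCES 8
typedef void (*source_cb)(void *data);
struct source { int active; source_cb cb; void *data; };
static struct source sources[MAX_SOURCES];

static int source_attach(source_cb cb, void *data) {
    for (int i = 0; i < MAX_SOURCES; i++)
        if (!sources[i].active) {
            sources[i] = (struct source){ 1, cb, data };
            return i;
        }
    return -1;
}
static void source_remove(int id) {
    if (id >= 0 && id < MAX_SOURCES) sources[id].active = 0;
}
/* Callbacks the loop may still invoke, each holding its data pointer. */
static int sources_pending(void) {
    int n = 0;
    for (int i = 0; i < MAX_SOURCES; i++) n += sources[i].active;
    return n;
}
static void loop_dispatch(void) {
    for (int i = 0; i < MAX_SOURCES; i++)
        if (sources[i].active) sources[i].cb(sources[i].data);
}

struct io_event_data { int fired; };  /* stands in for virNetClientIOEventData */
static void on_io_event(void *data) { ((struct io_event_data *)data)->fired = 1; }

/* Flawed: returns while the loop still holds &data, a frame about to die. */
int io_loop_flawed(void) {
    struct io_event_data data = { 0 };
    source_attach(on_io_event, &data);
    loop_dispatch();                  /* safe here: the frame is still live */
    return sources_pending();         /* registration outlives the frame */
}
/* Fixed: the temporary source is removed before the frame is released. */
int io_loop_fixed(void) {
    struct io_event_data data = { 0 };
    int id = source_attach(on_io_event, &data);
    loop_dispatch();
    source_remove(id);
    return data.fired ? sources_pending() : -1;
}

int main(void) { return (io_loop_fixed() == 0 && io_loop_flawed() == 1) ? 0 : 1; }
```

In the real daemon the leftover callback runs on another thread, so the stale pointer is dereferenced concurrently with the return instead of merely remaining registered.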


Affected products
Container suse/manager/5.0/x86_64/server:latest:libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS-Azure:libvirt-client-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS-Azure:libvirt-libs-10.0.0-150600.8.3.1
Image SLES15-SP6-SAP-BYOS-EC2:libvirt-client-10.0.0-150600.8.3.1

References