Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2018:0939-1

Опубликовано: 12 апр. 2018
Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt and virt-manager fixes the following issues:

Security issues fixed:

  • CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' (var2) (bsc#1079869).
  • CVE-2018-6764: Fixed guest executable code injection via libnss_dns.so loaded by libvirt_lxc before init (bsc#1080042).
  • CVE-2018-1064: Fixed denial of service when reading from guest agent (bsc#1083625).

Non-security issues fixed in libvirt:

  • bsc#1070615: Fixed TPM device passthrough failure on kernels >= 4.0.
  • bsc#1082041: SUSE Linux Enterprise 11 SP4 hvm converted to pvhvm. Unless vm memory is on gig boundary, vm won't boot.
  • bsc#1082161: Unable to change RTC basis or adjustment for Xen HVM guests using libvirt.

Non-security issues fixed in virt-manager:

  • bsc#1086038: VM guests cannot be properly installed with virt-install
  • bsc#1067018: KVM Guest creation failed - Property .cmt not found
  • bsc#1054986: Fix openSUSE 15.0 detection. It has no content file or .treeinfo file
  • bsc#1085757: Fallback to latest version of openSUSE when opensuse-unknown is detected for the ISO

This update was imported from the SUSE:SLE-12-SP3:Update update project.

Список пакетов

openSUSE Leap 42.3
libvirt-3.3.0-15.1
libvirt-admin-3.3.0-15.1
libvirt-client-3.3.0-15.1
libvirt-daemon-3.3.0-15.1
libvirt-daemon-config-network-3.3.0-15.1
libvirt-daemon-config-nwfilter-3.3.0-15.1
libvirt-daemon-driver-interface-3.3.0-15.1
libvirt-daemon-driver-libxl-3.3.0-15.1
libvirt-daemon-driver-lxc-3.3.0-15.1
libvirt-daemon-driver-network-3.3.0-15.1
libvirt-daemon-driver-nodedev-3.3.0-15.1
libvirt-daemon-driver-nwfilter-3.3.0-15.1
libvirt-daemon-driver-qemu-3.3.0-15.1
libvirt-daemon-driver-secret-3.3.0-15.1
libvirt-daemon-driver-storage-3.3.0-15.1
libvirt-daemon-driver-storage-core-3.3.0-15.1
libvirt-daemon-driver-storage-disk-3.3.0-15.1
libvirt-daemon-driver-storage-iscsi-3.3.0-15.1
libvirt-daemon-driver-storage-logical-3.3.0-15.1
libvirt-daemon-driver-storage-mpath-3.3.0-15.1
libvirt-daemon-driver-storage-rbd-3.3.0-15.1
libvirt-daemon-driver-storage-scsi-3.3.0-15.1
libvirt-daemon-driver-uml-3.3.0-15.1
libvirt-daemon-driver-vbox-3.3.0-15.1
libvirt-daemon-hooks-3.3.0-15.1
libvirt-daemon-lxc-3.3.0-15.1
libvirt-daemon-qemu-3.3.0-15.1
libvirt-daemon-uml-3.3.0-15.1
libvirt-daemon-vbox-3.3.0-15.1
libvirt-daemon-xen-3.3.0-15.1
libvirt-devel-3.3.0-15.1
libvirt-devel-32bit-3.3.0-15.1
libvirt-doc-3.3.0-15.1
libvirt-libs-3.3.0-15.1
libvirt-lock-sanlock-3.3.0-15.1
libvirt-nss-3.3.0-15.1
virt-install-1.4.1-9.1
virt-manager-1.4.1-9.1
virt-manager-common-1.4.1-9.1

Ссылки

Описание

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

Затронутые продукты
openSUSE Leap 42.3:libvirt-3.3.0-15.1
openSUSE Leap 42.3:libvirt-admin-3.3.0-15.1
openSUSE Leap 42.3:libvirt-client-3.3.0-15.1
openSUSE Leap 42.3:libvirt-daemon-3.3.0-15.1
Ссылки

Описание

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

Затронутые продукты
openSUSE Leap 42.3:libvirt-3.3.0-15.1
openSUSE Leap 42.3:libvirt-admin-3.3.0-15.1
openSUSE Leap 42.3:libvirt-client-3.3.0-15.1
openSUSE Leap 42.3:libvirt-daemon-3.3.0-15.1
Ссылки

Описание

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.

Затронутые продукты
openSUSE Leap 42.3:libvirt-3.3.0-15.1
openSUSE Leap 42.3:libvirt-admin-3.3.0-15.1
openSUSE Leap 42.3:libvirt-client-3.3.0-15.1
openSUSE Leap 42.3:libvirt-daemon-3.3.0-15.1
Ссылки
Уязвимость openSUSE-SU-2018:0939-1