Описание
Security update for libvirt
This update for libvirt fixes the following issues:
- CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. bsc#1161883, bsc#1174458
This update was imported from the SUSE:SLE-15-SP2:Update update project.
Список пакетов
openSUSE Leap 15.2
libvirt-6.0.0-lp152.9.3.1
libvirt-admin-6.0.0-lp152.9.3.1
libvirt-bash-completion-6.0.0-lp152.9.3.1
libvirt-client-6.0.0-lp152.9.3.1
libvirt-daemon-6.0.0-lp152.9.3.1
libvirt-daemon-config-network-6.0.0-lp152.9.3.1
libvirt-daemon-config-nwfilter-6.0.0-lp152.9.3.1
libvirt-daemon-driver-interface-6.0.0-lp152.9.3.1
libvirt-daemon-driver-libxl-6.0.0-lp152.9.3.1
libvirt-daemon-driver-lxc-6.0.0-lp152.9.3.1
libvirt-daemon-driver-network-6.0.0-lp152.9.3.1
libvirt-daemon-driver-nodedev-6.0.0-lp152.9.3.1
libvirt-daemon-driver-nwfilter-6.0.0-lp152.9.3.1
libvirt-daemon-driver-qemu-6.0.0-lp152.9.3.1
libvirt-daemon-driver-secret-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-core-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-disk-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-gluster-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-iscsi-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-logical-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-mpath-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-rbd-6.0.0-lp152.9.3.1
libvirt-daemon-driver-storage-scsi-6.0.0-lp152.9.3.1
libvirt-daemon-hooks-6.0.0-lp152.9.3.1
libvirt-daemon-lxc-6.0.0-lp152.9.3.1
libvirt-daemon-qemu-6.0.0-lp152.9.3.1
libvirt-daemon-xen-6.0.0-lp152.9.3.1
libvirt-devel-6.0.0-lp152.9.3.1
libvirt-devel-32bit-6.0.0-lp152.9.3.1
libvirt-doc-6.0.0-lp152.9.3.1
libvirt-libs-6.0.0-lp152.9.3.1
libvirt-lock-sanlock-6.0.0-lp152.9.3.1
libvirt-nss-6.0.0-lp152.9.3.1
wireshark-plugin-libvirt-6.0.0-lp152.9.3.1
Ссылки
- E-Mail link for openSUSE-SU-2020:1455-1
- SUSE Security Ratings
- SUSE Bug 1161883
- SUSE Bug 1174458
- SUSE CVE CVE-2020-14339 page
Описание
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Затронутые продукты
openSUSE Leap 15.2:libvirt-6.0.0-lp152.9.3.1
openSUSE Leap 15.2:libvirt-admin-6.0.0-lp152.9.3.1
openSUSE Leap 15.2:libvirt-bash-completion-6.0.0-lp152.9.3.1
openSUSE Leap 15.2:libvirt-client-6.0.0-lp152.9.3.1
Ссылки
- CVE-2020-14339
- SUSE Bug 1174458