openSUSE-SU-2021:1119-1

Опубликовано: 10 авг. 2021

Источник: suse-cvrf

Описание

Security update for libvirt

This update for libvirt fixes the following issues:

CVE-2021-3631: fix SELinux label generation logic (bsc#1187871)

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Список пакетов

openSUSE Leap 15.2

libvirt-6.0.0-lp152.9.12.1

libvirt-admin-6.0.0-lp152.9.12.1

libvirt-bash-completion-6.0.0-lp152.9.12.1

libvirt-client-6.0.0-lp152.9.12.1

libvirt-daemon-6.0.0-lp152.9.12.1

libvirt-daemon-config-network-6.0.0-lp152.9.12.1

libvirt-daemon-config-nwfilter-6.0.0-lp152.9.12.1

libvirt-daemon-driver-interface-6.0.0-lp152.9.12.1

libvirt-daemon-driver-libxl-6.0.0-lp152.9.12.1

libvirt-daemon-driver-lxc-6.0.0-lp152.9.12.1

libvirt-daemon-driver-network-6.0.0-lp152.9.12.1

libvirt-daemon-driver-nodedev-6.0.0-lp152.9.12.1

libvirt-daemon-driver-nwfilter-6.0.0-lp152.9.12.1

libvirt-daemon-driver-qemu-6.0.0-lp152.9.12.1

libvirt-daemon-driver-secret-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-core-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-disk-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-gluster-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-iscsi-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-logical-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-mpath-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-rbd-6.0.0-lp152.9.12.1

libvirt-daemon-driver-storage-scsi-6.0.0-lp152.9.12.1

libvirt-daemon-hooks-6.0.0-lp152.9.12.1

libvirt-daemon-lxc-6.0.0-lp152.9.12.1

libvirt-daemon-qemu-6.0.0-lp152.9.12.1

libvirt-daemon-xen-6.0.0-lp152.9.12.1

libvirt-devel-6.0.0-lp152.9.12.1

libvirt-devel-32bit-6.0.0-lp152.9.12.1

libvirt-doc-6.0.0-lp152.9.12.1

libvirt-libs-6.0.0-lp152.9.12.1

libvirt-lock-sanlock-6.0.0-lp152.9.12.1

libvirt-nss-6.0.0-lp152.9.12.1

wireshark-plugin-libvirt-6.0.0-lp152.9.12.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/H5E4Y5JNZAR2C5I2WQMIIPVYTGLK5SBC/
E-Mail link for openSUSE-SU-2021:1119-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1184253
SUSE Bug 1184253
https://bugzilla.suse.com/1187871
SUSE Bug 1187871
https://www.suse.com/security/cve/CVE-2021-3631/
SUSE CVE CVE-2021-3631 page

Описание

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

Затронутые продукты

openSUSE Leap 15.2:libvirt-6.0.0-lp152.9.12.1

openSUSE Leap 15.2:libvirt-admin-6.0.0-lp152.9.12.1

openSUSE Leap 15.2:libvirt-bash-completion-6.0.0-lp152.9.12.1

openSUSE Leap 15.2:libvirt-client-6.0.0-lp152.9.12.1

Ссылки

https://www.suse.com/security/cve/CVE-2021-3631.html
CVE-2021-3631
https://bugzilla.suse.com/1187871
SUSE Bug 1187871

openSUSE-SU-2021:1119-1

Описание

Список пакетов

openSUSE Leap 15.2

Ссылки

Уязвимость: CVE-2021-3631

Описание

Затронутые продукты

Ссылки