Updated libvirt packages fix security vulnerabilities
Publication date: 15 Dec 2019Modification date: 15 Dec 2019
Type: security
Affected Mageia releases : 7
CVE: CVE-2019-3886 , CVE-2019-10132 , CVE-2019-10161 , CVE-2019-10166 , CVE-2019-10167 , CVE-2019-10168
Description
Updated libvirt packages fix security vulnerabilities: An information leak which allowed to retrieve the guest hostname under readonly mode (CVE-2019-3886). Wrong permissions in systemd admin-sock due to missing SocketMode parameter (CVE-2019-10132). Arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161). virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166). Arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167). Arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168). Also, this update contains the libvirt adjustments, that pass through the new 'md-clear' CPU flag, to help address Intel CPU speculative execution flaws.
References
- https://bugs.mageia.org/show_bug.cgi?id=24757
- https://lists.opensuse.org/opensuse-updates/2019-04/msg00207.html
- https://access.redhat.com/errata/RHSA-2019:1264
- https://access.redhat.com/errata/RHSA-2019:1579
- https://lists.opensuse.org/opensuse-updates/2019-06/msg00023.html
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3886
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10132
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10161
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10166
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10167
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10168
SRPMS
7/core
- libvirt-5.5.0-1.mga7
- python-libvirt-5.5.0-1.mga7