Bug 1076500 - (CVE-2018-5748) VUL-1: CVE-2018-5748: libvirt: resource exhaustion via qemuMonitorIORead() method
(CVE-2018-5748)
VUL-1: CVE-2018-5748: libvirt: resource exhaustion via qemuMonitorIORead() me...
Status: RESOLVED FIXED
Classification: Novell Products
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents
unspecified
Other Other
: P4 - Low : Minor
: ---
Assigned To: Security Team bot
Security Team bot
https://smash.suse.de/issue/198578/
CVSSv3:SUSE:CVE-2018-5748:2.8:(AV:L/A...
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2018-01-18 08:10 UTC by Marcus Meissner
Modified: 2020-06-11 04:12 UTC (History)
3 users (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marcus Meissner 2018-01-18 08:10:31 UTC
rh#1528396

A flaw was found in Qemu. A lack of restriction for the amount of data read by QEMU Monitor socket can lead to denial of service by exhaustion of memory resources.

References:

https://www.redhat.com/archives/libvir-list/2017-December/msg00749.html

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1528396
Comment 1 Marcus Meissner 2018-01-18 08:22:51 UTC
seems in all code streams
Comment 2 James Fehlig 2018-01-19 19:32:24 UTC
The fix was included in libvirt 4.0.0, which has been submitted to Factory/SLE15 via SR#567782.
Comment 3 Swamp Workflow Management 2018-01-19 20:10:14 UTC
This is an autogenerated message for OBS integration:
This bug (1076500) was mentioned in
https://build.opensuse.org/request/show/567784 Factory / libvirt
Comment 4 James Fehlig 2018-01-19 21:07:31 UTC
I've now added the fix to the SLE11 SP4 and SLE12 SP2/3 libvirt packages. For SLE11 SP4, fix is queued for a future maintenance round. For SLE12 SP2/3, I've resubmitted on top of the recent requests to start maintenance incidents. 

I'm done with this bug. Reassigning to the security team...
Comment 7 Swamp Workflow Management 2018-01-30 11:14:32 UTC
SUSE-SU-2018:0279-1: An update that solves one vulnerability and has 9 fixes is now available.

Category: security (moderate)
Bug References: 1035442,1052825,1062571,1062760,1064947,1065766,1070130,1072887,1073973,1076500
CVE References: CVE-2018-5748
Sources used:
SUSE Linux Enterprise Software Development Kit 12-SP3 (src):    libvirt-3.3.0-5.13.1
SUSE Linux Enterprise Server 12-SP3 (src):    libvirt-3.3.0-5.13.1
SUSE Linux Enterprise Desktop 12-SP3 (src):    libvirt-3.3.0-5.13.1
Comment 8 Swamp Workflow Management 2018-01-31 23:13:20 UTC
openSUSE-SU-2018:0322-1: An update that solves one vulnerability and has 9 fixes is now available.

Category: security (moderate)
Bug References: 1035442,1052825,1062571,1062760,1064947,1065766,1070130,1072887,1073973,1076500
CVE References: CVE-2018-5748
Sources used:
openSUSE Leap 42.3 (src):    libvirt-3.3.0-12.1
Comment 9 Swamp Workflow Management 2018-02-07 17:24:32 UTC
SUSE-SU-2018:0385-1: An update that solves one vulnerability and has three fixes is now available.

Category: security (moderate)
Bug References: 1070130,1072887,1073973,1076500
CVE References: CVE-2018-5748
Sources used:
SUSE Linux Enterprise Workstation Extension 12-SP2 (src):    libvirt-2.0.0-27.29.1
SUSE Linux Enterprise Software Development Kit 12-SP2 (src):    libvirt-2.0.0-27.29.1
SUSE Linux Enterprise Server for Raspberry Pi 12-SP2 (src):    libvirt-2.0.0-27.29.1
SUSE Linux Enterprise Server 12-SP2 (src):    libvirt-2.0.0-27.29.1
SUSE Linux Enterprise Desktop 12-SP2 (src):    libvirt-2.0.0-27.29.1
Comment 10 Marcus Meissner 2018-02-08 06:16:21 UTC
released
Comment 12 Swamp Workflow Management 2018-03-29 10:12:17 UTC
SUSE-SU-2018:0838-1: An update that solves three vulnerabilities and has two fixes is now available.

Category: security (important)
Bug References: 1055365,1076500,1079869,1083061,1083625
CVE References: CVE-2017-5715,CVE-2018-1064,CVE-2018-5748
Sources used:
SUSE Linux Enterprise Software Development Kit 11-SP4 (src):    libvirt-1.2.5-23.6.1
SUSE Linux Enterprise Server 11-SP4 (src):    libvirt-1.2.5-23.6.1
SUSE Linux Enterprise Debuginfo 11-SP4 (src):    libvirt-1.2.5-23.6.1
Comment 16 Swamp Workflow Management 2018-05-15 16:12:53 UTC
SUSE-SU-2018:1295-1: An update that solves three vulnerabilities and has 5 fixes is now available.

Category: security (important)
Bug References: 1025340,1076500,1079869,1083625,1087887,1088147,936233,960742
CVE References: CVE-2017-5715,CVE-2018-1064,CVE-2018-5748
Sources used:
SUSE Linux Enterprise Server 11-SP3-LTSS (src):    libvirt-1.0.5.9-21.5.1
SUSE Linux Enterprise Point of Sale 11-SP3 (src):    libvirt-1.0.5.9-21.5.1
SUSE Linux Enterprise Debuginfo 11-SP3 (src):    libvirt-1.0.5.9-21.5.1
Comment 18 Swamp Workflow Management 2018-07-30 22:07:48 UTC
SUSE-SU-2018:2141-1: An update that solves 5 vulnerabilities and has 7 fixes is now available.

Category: security (important)
Bug References: 1076500,1079869,1083625,1092885,854343,897352,954872,956298,964465,968483,980558,987527
CVE References: CVE-2016-5008,CVE-2017-5715,CVE-2018-1064,CVE-2018-3639,CVE-2018-5748
Sources used:
SUSE Linux Enterprise Server 12-LTSS (src):    libvirt-1.2.5-27.13.1
Comment 19 Marcus Meissner 2018-09-07 13:04:32 UTC
released