Bugzilla – Bug 1168683
VUL-0: CVE-2020-10703: libvirt: potential denial of service via active pool without target path
Last modified: 2020-10-21 09:25:58 UTC
CVE-2020-10703 A flaw was found in libvirt. A pool created without a target path may lead to segmentation fault and denial of service. This issue may be triggered by a read only user. References: https://bugzilla.redhat.com/show_bug.cgi?id=1790725 https://bugzilla.redhat.com/show_bug.cgi?id=1816650 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10703 https://access.redhat.com/security/cve/CVE-2020-10703
Upstream fix: https://libvirt.org/git/?p=libvirt.git;a=commit;h=dfff16a7c261f8d28e3abe60a47165f845fa952f
The affected API `virStoragePoolObjListSearch` was introduced in `libvirt` upstream version v3.10.0: https://github.com/libvirt/libvirt/commit/5d5c732d748d644ec14626bce448e84bdc4bd93e Thus the following code streams are being tracked as affected: SUSE:SLE-12-SP4:Update SUSE:SLE-12-SP5:Update SUSE:SLE-15:Update SUSE:SLE-15-SP1:Update
Note to self: The patch was included in 6.0.0 so is already in SLE15 SP2.
(In reply to Wolfgang Frisch from comment #2) > Thus the following code streams are being tracked as affected: > SUSE:SLE-12-SP4:Update > SUSE:SLE-12-SP5:Update > SUSE:SLE-15:Update > SUSE:SLE-15-SP1:Update I backported the fix to all of these and have them queued in our associated devel projects (e.g. Devel:Virt:SLE-15-SP1/libvirt). Before submitting anything to maintenance it would be nice to have my long-standing question answered in the following CVE bug https://bugzilla.suse.com/show_bug.cgi?id=1165616#c1
I've submitted maintenance requests for all affected code streams. I'm done so passing to the security team.
SUSE-SU-2020:1208-1: An update that solves two vulnerabilities and has 8 fixes is now available. Category: security (important) Bug References: 1145774,1151850,1152649,1154093,1157490,1161883,1162160,1167007,1168683,1170765 CVE References: CVE-2020-10703,CVE-2020-12430 Sources used: SUSE Linux Enterprise Module for Server Applications 15-SP1 (src): libvirt-5.1.0-8.16.1 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): libvirt-5.1.0-8.16.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): libvirt-5.1.0-8.16.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1277-1: An update that solves two vulnerabilities and has four fixes is now available. Category: security (important) Bug References: 1157490,1161883,1162160,1167007,1168683,1170765 CVE References: CVE-2020-10703,CVE-2020-12430 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP5 (src): libvirt-5.1.0-13.6.2 SUSE Linux Enterprise Server 12-SP5 (src): libvirt-5.1.0-13.6.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
SUSE-SU-2020:1289-1: An update that solves one vulnerability and has 6 fixes is now available. Category: security (important) Bug References: 1133719,1137137,1138734,1145586,1149100,1154093,1168683 CVE References: CVE-2020-10703 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP4 (src): libvirt-4.0.0-8.20.2 SUSE Linux Enterprise Server 12-SP4 (src): libvirt-4.0.0-8.20.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Done