[PATCH] Add news item for sVirt CVE fix
Daniel P. Berrangé
berrange at redhat.com
Thu Jul 1 11:39:08 UTC 2021
Signed-off-by: Daniel P. Berrangé <berrange at redhat.com>
---
NEWS.rst | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/NEWS.rst b/NEWS.rst
index 935b0d0aad..3297560941 100644
--- a/NEWS.rst
+++ b/NEWS.rst
@@ -11,6 +11,14 @@ For a more fine-grained view, use the `git log`_.
v7.5.0 (unreleased)
===================
+* **Security fixes**
+
+ * svirt: fix MCS label generation (CVE-2021-3631)
+
+ A flaw in the way MCS labels were generated could result in a VM's
+ resource not being fully protected from access by another VM were
+ it to be compromised. https://gitlab.com/libvirt/libvirt/-/issues/153
+
* **Removed features**
* xen: Remove support for Xen < 4.9
--
2.31.1
More information about the libvir-list
mailing list