[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Libvirt-announce] LSN-2019-0005: virDomainManagedSaveDefineXML does not check for read-only connection



       Libvirt Security Notice: LSN-2019-0005
       ======================================

      Summary: virDomainManagedSaveDefineXML does not check for
               read-only connection
  Reported on: 20190604
 Published on: 20190620
     Fixed on: 20190620
  Reported by: Matthias Gerstner <mgerstner suse de>
   Patched by: Ján Tomko <jtomko redhat com>
     See also: CVE-2019-10166

Description
-----------

The virDomainManagedSaveDefineXML API redefines the manage-saved
domain XML without checking for a read-only connection. This allows
unprivileged users to check for existence of arbitrary files or
executing arbitrary binaries with elevated privileges.

Impact
------

The default libvirt configuration allows all local user accounts
read-only access to the libvirtd daemon. Any local user can provide
an arbitrary emulator, executing arbitrary binaries as the
configured QEMU user. Since v5.1.0, the emulator binary is run with
CAP_DAC_OVERRIDE, essentially having root privileges.

Workaround
----------

Edit the /etc/libvirt/libvirtd.conf configuration file, to set the
'unix_sock_ro_perms = "0700"' to prevent local users from connecting
to libvirt. Alternatively setup a policy kit rule to prevent them
access without first authenticating as root.

Affected product
----------------

       Name: libvirt
 Repository: git://libvirt.org/git/libvirt.git
             http://libvirt.org/git/?p=libvirt.git

     Branch: master
  Broken in: v3.7.0
  Broken in: v3.8.0
  Broken in: v3.9.0
  Broken in: v3.10.0
  Broken in: v4.0.0
  Broken in: v4.1.0
  Broken in: v4.2.0
  Broken in: v4.3.0
  Broken in: v4.4.0
  Broken in: v4.5.0
  Broken in: v4.6.0
  Broken in: v4.7.0
  Broken in: v4.8.0
  Broken in: v4.9.0
  Broken in: v4.10.0
  Broken in: v5.0.0
  Broken in: v5.1.0
  Broken in: v5.2.0
  Broken in: v5.3.0
  Broken in: v5.4.0
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: db0b78457f183e4c7ac45bc94de86044a1e2056a

     Branch: v3.7-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: e7d9c8899fc7751201b46b6cf6bff4eadb38af2f

     Branch: v4.1-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: d9a1f3debad411756f53ab8ab81e44ab0bb50e0a

     Branch: v4.2-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 1813138f6b00058285e325191d50c41ace39e5b3

     Branch: v4.3-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 9816854ac4e5ccd87cf82320b4550671e75f6509

     Branch: v4.4-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: e777cce08e069e29deedec540d463ed70c29e92c

     Branch: v4.5-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: d025c10d54975fe98927be85f33146e780c28d52

     Branch: v4.6-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 00e673c93fc3d0cfed274cc7a1ec2c52260c8262

     Branch: v4.7-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 6da721ea37bf3624ff9922637cfa657d2dcb20f9

     Branch: v4.8-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 6dc29a174ae204b1ae13fed0f533818ad6d24b9f

     Branch: v4.9-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 0a744e15517d727c7f473fabe32ca6b0dbb7b7d1

     Branch: v4.10-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 3f744efec31959f7643849f6a3708198bcdfc6ae

     Branch: v5.0-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: a064d492272bcb0029b140ec4e18fce1ac0ec5b2

     Branch: v5.1-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 58c7c3fc4a0f15544c2054ed4682ff5d740681ab

     Branch: v5.1.0-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6

     Branch: v5.2-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: 96bca3af450cc62183b91a361f7024f93126bc49

     Branch: v5.3-maint
  Broken by: 1558f2584fd9b32c7903238bff2c9f12ba406ba6
   Fixed by: f4dabe99f7f46520f2967f3e068fcbeb54e617df


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]