
[Libvirt-announce] LSN-2019-0006: virConnectGetDomainCapabilities does not check for read-only connection



       Libvirt Security Notice: LSN-2019-0006
       ======================================

      Summary: virConnectGetDomainCapabilities does not check for
               read-only connection
  Reported on: 20190604
 Published on: 20190620
     Fixed on: 20190620
  Reported by: Ján Tomko <jtomko redhat com>
   Patched by: Ján Tomko <jtomko redhat com>
     See also: CVE-2019-10167

Description
-----------

The virConnectGetDomainCapabilities API reports the domain
capabilities XML without checking for a read-only connection. This
allows unprivileged users to execute arbitrary binaries with
elevated privileges.

Impact
------

The default libvirt configuration allows all local user accounts
read-only access to the libvirtd daemon. Any local user can provide
an arbitrary emulator, executing arbitrary binaries as the
configured QEMU user. Since v5.1.0, the emulator binary is run with
CAP_DAC_OVERRIDE, essentially having root privileges.

Workaround
----------

Edit the /etc/libvirt/libvirtd.conf configuration file and set
'unix_sock_ro_perms = "0700"' to prevent local users from connecting
to libvirt. Alternatively, set up a PolicyKit rule that denies them
access unless they first authenticate as root.
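
One way to check whether a configuration file matches this workaround
(an added example, not part of the original notice or of libvirt). The
function names are hypothetical, the sample files are constructed, and
0777 is assumed as libvirt's default when the setting is absent.

```shell
#!/bin/sh
# Added example: audit a libvirtd.conf-style file for the LSN-2019-0006 workaround.

# Print the effective unix_sock_ro_perms value. The last uncommented
# assignment wins; with none present, fall back to 0777 (assumed default).
ro_perms_of() {
    val=$(sed -n 's/^[[:space:]]*unix_sock_ro_perms[[:space:]]*=[[:space:]]*"\([0-7][0-7]*\)".*$/\1/p' "$1" | tail -n 1)
    printf '%s\n' "${val:-0777}"
}

# Classify who can connect to the read-only socket for an octal mode.
# Connecting to a UNIX socket needs write permission on the socket file,
# so only the write bits of "group" and "other" matter here.
classify_ro_perms() {
    m=$(( 0$1 ))
    if [ $(( m & 0002 )) -ne 0 ]; then
        echo world          # every local account can connect
    elif [ $(( m & 0020 )) -ne 0 ]; then
        echo group          # members of the socket's group can connect
    else
        echo owner-only     # matches the workaround in this notice
    fi
}

audit_conf() {
    classify_ro_perms "$(ro_perms_of "$1")"
}

# Constructed sample files: one left at the default, one with the workaround.
demo() {
    tmp=$(mktemp -d) || return 1
    printf '%s\n' '#unix_sock_ro_perms = "0777"' > "$tmp/default.conf"
    printf '%s\n' '#unix_sock_ro_perms = "0777"' \
                  'unix_sock_ro_perms = "0700"' > "$tmp/workaround.conf"
    for f in "$tmp"/*.conf; do
        printf '%s: mode %s -> %s\n' "${f##*/}" "$(ro_perms_of "$f")" "$(audit_conf "$f")"
    done
    rm -rf "$tmp"
}
demo
```

On a real host, pass /etc/libvirt/libvirtd.conf to audit_conf; a
result of "world" means the workaround is not in place.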

Affected product
----------------

       Name: libvirt
 Repository: git://libvirt.org/git/libvirt.git
             http://libvirt.org/git/?p=libvirt.git

     Branch: master
  Broken in: v1.2.19
  Broken in: v1.2.20
  Broken in: v1.2.21
  Broken in: v1.3.0
  Broken in: v1.3.1
  Broken in: v1.3.2
  Broken in: v1.3.3
  Broken in: v1.3.4
  Broken in: v1.3.5
  Broken in: v2.0.0
  Broken in: v2.1.0
  Broken in: v2.2.0
  Broken in: v2.3.0
  Broken in: v2.4.0
  Broken in: v2.5.0
  Broken in: v3.0.0
  Broken in: v3.1.0
  Broken in: v3.2.0
  Broken in: v3.3.0
  Broken in: v3.4.0
  Broken in: v3.5.0
  Broken in: v3.6.0
  Broken in: v3.7.0
  Broken in: v3.8.0
  Broken in: v3.9.0
  Broken in: v3.10.0
  Broken in: v4.0.0
  Broken in: v4.1.0
  Broken in: v4.2.0
  Broken in: v4.3.0
  Broken in: v4.4.0
  Broken in: v4.5.0
  Broken in: v4.6.0
  Broken in: v4.7.0
  Broken in: v4.8.0
  Broken in: v4.9.0
  Broken in: v4.10.0
  Broken in: v5.0.0
  Broken in: v5.1.0
  Broken in: v5.2.0
  Broken in: v5.3.0
  Broken in: v5.4.0
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 8afa68bac0cf99d1f8aaa6566685c43c22622f26

     Branch: v1.2.19-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 7d3b95b03880c8ade5f908dcb3d3c8b2d8e82a8f

     Branch: v1.2.20-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: c5cc88c32320d46f27521aac69027baa3d426ff2

     Branch: v1.2.21-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: badcb3662a5b28d3ed01c8ceff496e6197d12e3c

     Branch: v1.3.0-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 6ba6bb236a7e293007eb21013d69f42dd1fb21c8

     Branch: v1.3.1-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: be5d96d547ec54bc35e5eab6472ec900184ae837

     Branch: v1.3.2-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: e433008df4867b43085961a0f8181ac9401e707b

     Branch: v1.3.3-maint
  Broken in: v1.3.3.1
  Broken in: v1.3.3.2
  Broken in: v1.3.3.3
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: a663e28410aa853675b8b090a1ffafa7c8711ead

     Branch: v1.3.4-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: ab728b5658b307bcde90cf9e9d2e9c2cfb3e9de0

     Branch: v1.3.5-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 5632ca00ef8b75ce600ebb7255d392339c07b967

     Branch: v2.0-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 1e51b78a92fa2b381a5741599f4909c2516c0481

     Branch: v2.1-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: e322b6f73dc2fb5eaab14406cc786361d17ffdc3

     Branch: v2.2-maint
  Broken in: v2.2.1
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: c97b296cf8b336ed1a3260af8c8bd79746cb2971

     Branch: v3.0-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: bfea7de821a224782253061309e5005486b1b2f6

     Branch: v3.2-maint
  Broken in: v3.2.1
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 452fa3ae558bc842a88753fcdf0d1141a2fd212c

     Branch: v3.7-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: d47a396e995180fd54a0f84cf137f024159b7967

     Branch: v4.1-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 585be8edbef5ce4ef30e6c20386358ca1ba8e344

     Branch: v4.2-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 4ce590b007d80b41abd00aba95f73c04e71ff53b

     Branch: v4.3-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: f9b65fa812f6f121b7c5f5daa642f05310b4123c

     Branch: v4.4-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 15502d85dd21d7badeb230285898fa28f67cba9d

     Branch: v4.5-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: fd16bd525afeac6870ab3b747d9ee16002e2f1b2

     Branch: v4.6-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 93edb0ea630556569320de83d45b100718f1391f

     Branch: v4.7-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 5441f05a42a90779b0df86518286bf527e94aafb

     Branch: v4.8-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 38a16f786794887cb2fd8e82d4b52e07a77d9f50

     Branch: v4.9-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 6452b9fdff7988024a6157ca0a973ac3abf54468

     Branch: v4.10-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: d238f132e6e0432a42d3cdff4571730dae3a85eb

     Branch: v5.0-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 58f237d696310f3ac62e98b3b5e9cb98e13064e9

     Branch: v5.1-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: c5085b7a9031f899c7bef0d2630aa77c461b92a6

     Branch: v5.1.0-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9

     Branch: v5.2-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 4f50f36c0004af0faf0f535b46e2a1841c2443d8

     Branch: v5.3-maint
  Broken by: e8d55172544c1fafe31a9e09346bdebca4f0d6f9
   Fixed by: 97a737c58ff6080bd0e149830b860ef32b3d2acb

