
Red Hat Virtualization Security Notice: RHSA-2019:0458-01 VDSM Fix

March 5, 2019
An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/2974891

Summary

The VDSM service is required by a Virtualization Manager to manage the Linux hosts. VDSM manages and monitors the host's storage, memory and networks as well as virtual machine creation, other host administration tasks, statistics gathering, and log collection.
The following packages have been upgraded to a later upstream version: vdsm (4.20.47). (BZ#1677458)
Security Fix(es):
* vdsm: privilege escalation to root via systemd_run (CVE-2019-3831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* VDSM attempted to collect OpenStack related information, even on hosts that are not connected to OpenStack, and displayed a repeated error message in the system log. In this release, errors originating from OpenStack related information are not recorded in the system log. As a result, the system log is quieter. (BZ#1673765)

References

https://access.redhat.com/security/cve/CVE-2019-3831
https://access.redhat.com/security/updates/classification#moderate

Package List

Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts:
Source: vdsm-4.20.47-1.el7ev.src.rpm
noarch:
vdsm-api-4.20.47-1.el7ev.noarch.rpm
vdsm-client-4.20.47-1.el7ev.noarch.rpm
vdsm-common-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-cpuflags-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-ethtool-options-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-fcoe-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-localdisk-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-macspoof-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-nestedvt-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-openstacknet-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-vhostmd-4.20.47-1.el7ev.noarch.rpm
vdsm-hook-vmfex-dev-4.20.47-1.el7ev.noarch.rpm
vdsm-http-4.20.47-1.el7ev.noarch.rpm
vdsm-jsonrpc-4.20.47-1.el7ev.noarch.rpm
vdsm-python-4.20.47-1.el7ev.noarch.rpm
vdsm-yajsonrpc-4.20.47-1.el7ev.noarch.rpm

ppc64le:
vdsm-4.20.47-1.el7ev.ppc64le.rpm
vdsm-gluster-4.20.47-1.el7ev.ppc64le.rpm
vdsm-hook-checkips-4.20.47-1.el7ev.ppc64le.rpm
vdsm-hook-extra-ipv4-addrs-4.20.47-1.el7ev.ppc64le.rpm
vdsm-network-4.20.47-1.el7ev.ppc64le.rpm

x86_64:
vdsm-4.20.47-1.el7ev.x86_64.rpm
vdsm-gluster-4.20.47-1.el7ev.x86_64.rpm
vdsm-hook-checkips-4.20.47-1.el7ev.x86_64.rpm
vdsm-hook-extra-ipv4-addrs-4.20.47-1.el7ev.x86_64.rpm
vdsm-network-4.20.47-1.el7ev.x86_64.rpm
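
To confirm a host carries the packages listed above, the sketch below flags any installed vdsm package older than 4.20.47-1.el7ev. It is an added example, not part of the Red Hat advisory; it assumes input lines in the default `rpm -qa` name-version-release.arch form with no epoch, uses a simplified rpmvercmp (no `~` or `^` handling), and the sample inventory is constructed.

```python
import re

# Fixed version and release, taken from this advisory's package list.
FIXED_VERSION, FIXED_RELEASE = "4.20.47", "1.el7ev"

def _segments(s):
    # rpmvercmp compares maximal runs of digits or letters; other chars only separate.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpmvercmp(a, b):
    """Simplified rpmvercmp: returns -1, 0 or 1 (assumes no '~' or '^')."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)            # numeric segments compare as integers
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1  # a numeric segment beats an alphabetic one
        if x != y:
            return 1 if x > y else -1
    # All shared segments equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def parse_nvra(line):
    """Split 'name-version-release.arch' into its four parts."""
    nvr, arch = line.strip().rsplit(".", 1)
    name, version, release = nvr.rsplit("-", 2)
    return name, version, release, arch

def needs_update(line):
    """True if the line names a vdsm package older than the fixed build."""
    name, version, release, _ = parse_nvra(line)
    if name != "vdsm" and not name.startswith("vdsm-"):
        return False
    cmp_version = rpmvercmp(version, FIXED_VERSION)
    return cmp_version < 0 or (cmp_version == 0 and rpmvercmp(release, FIXED_RELEASE) < 0)

def audit(lines):
    """Return the inventory lines that still need this update."""
    return [l.strip() for l in lines if l.strip() and needs_update(l)]

# Constructed sample inventory (not output from a real host).
SAMPLE = """\
vdsm-4.20.46-1.el7ev.x86_64
vdsm-api-4.20.47-1.el7ev.noarch
vdsm-hook-vmfex-dev-4.20.9-3.el7ev.noarch
vdsm-client-4.30.1-1.el7ev.noarch
libvirt-4.5.0-10.el7.x86_64
""".splitlines()

if __name__ == "__main__":
    for pkg in audit(SAMPLE):
        print("needs update:", pkg)
```

A flagged line means only that the host is missing the updated package; a plain string comparison would wrongly rank 4.20.9 above 4.20.47, which is why the segments are compared numerically.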




Advisory ID: RHSA-2019:0458-01
Product: Red Hat Virtualization
Issue date: 2019-03-05

Topic

An update for vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant Releases/Architectures

Red Hat Virtualization 4 Management Agent for RHEL 7 Hosts - noarch, ppc64le, x86_64

Bugs Fixed

1673765 - Messages log spammed with ovs|00001|db_ctl_base|ERR|no key "odl_os_hostconfig_hostid"

1677108 - CVE-2019-3831 vdsm: privilege escalation to root via systemd_run
