Alerts This Week
Warning Icon 1 626
Alerts This Week
Warning Icon 1 626

Red Hat 7: RHSA-2019-1579-01 Important: libvirt Security Fix

Calendar Jun 20, 2019 User Avatar LinuxSecurity Advisories
14 - 27 min read
Redhat Large Esm H500
Topics%20covered

Topics Covered

security advisory Red Hat bug fix important arbitrary command execution security impact libvirt
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Important: libvirt security and bug fix update
Advisory ID:       RHSA-2019:1579-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2019:1579
Issue date:        2019-06-20
CVE Names:         CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 
                   CVE-2019-10168 
====================================================================
1. Summary:

An update for libvirt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Client (v. 7) - x86_64
Red Hat Enterprise Linux Client Optional (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64
Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64
Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64
Red Hat Enterprise Linux Workstation (v. 7) - x86_64
Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - ppc64le, s390x
Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x

3. Description:

The libvirt library contains a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.

Security Fix(es):

* libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
(CVE-2019-10161)

* libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
(CVE-2019-10166)

* libvirt: arbitrary command execution via virConnectGetDomainCapabilities
API (CVE-2019-10167)

* libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU
and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* Live migration fail with unsafe error when GPFS is used as shared
filesystem (BZ#1715867)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, libvirtd will be restarted
automatically.

5. Bugs fixed (https://bugzilla.redhat.com/):

1720114 - CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
1720115 - CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
1720117 - CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API
1720118 - CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

6. Package List:

Red Hat Enterprise Linux Client (v. 7):

Source:
libvirt-4.5.0-10.el7_6.12.src.rpm

x86_64:
libvirt-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-client-4.5.0-10.el7_6.12.i686.rpm
libvirt-client-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-libs-4.5.0-10.el7_6.12.i686.rpm
libvirt-libs-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux Client Optional (v. 7):

x86_64:
libvirt-admin-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-devel-4.5.0-10.el7_6.12.i686.rpm
libvirt-devel-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-docs-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-nss-4.5.0-10.el7_6.12.i686.rpm
libvirt-nss-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux ComputeNode (v. 7):

Source:
libvirt-4.5.0-10.el7_6.12.src.rpm

x86_64:
libvirt-bash-completion-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-client-4.5.0-10.el7_6.12.i686.rpm
libvirt-client-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-libs-4.5.0-10.el7_6.12.i686.rpm
libvirt-libs-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux ComputeNode Optional (v. 7):

x86_64:
libvirt-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-admin-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-devel-4.5.0-10.el7_6.12.i686.rpm
libvirt-devel-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-docs-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-nss-4.5.0-10.el7_6.12.i686.rpm
libvirt-nss-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux Server (v. 7):

Source:
libvirt-4.5.0-10.el7_6.12.src.rpm

ppc64:
libvirt-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-client-4.5.0-10.el7_6.12.ppc.rpm
libvirt-client-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-devel-4.5.0-10.el7_6.12.ppc.rpm
libvirt-devel-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-docs-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-libs-4.5.0-10.el7_6.12.ppc.rpm
libvirt-libs-4.5.0-10.el7_6.12.ppc64.rpm

ppc64le:
libvirt-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-client-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-devel-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-docs-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-libs-4.5.0-10.el7_6.12.ppc64le.rpm

s390x:
libvirt-4.5.0-10.el7_6.12.s390x.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.s390x.rpm
libvirt-client-4.5.0-10.el7_6.12.s390.rpm
libvirt-client-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.s390x.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390x.rpm
libvirt-devel-4.5.0-10.el7_6.12.s390.rpm
libvirt-devel-4.5.0-10.el7_6.12.s390x.rpm
libvirt-docs-4.5.0-10.el7_6.12.s390x.rpm
libvirt-libs-4.5.0-10.el7_6.12.s390.rpm
libvirt-libs-4.5.0-10.el7_6.12.s390x.rpm

x86_64:
libvirt-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-client-4.5.0-10.el7_6.12.i686.rpm
libvirt-client-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-devel-4.5.0-10.el7_6.12.i686.rpm
libvirt-devel-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-docs-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-libs-4.5.0-10.el7_6.12.i686.rpm
libvirt-libs-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7):

Source:
libvirt-4.5.0-10.el7_6.12.src.rpm

ppc64le:
libvirt-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-client-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-devel-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-docs-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-libs-4.5.0-10.el7_6.12.ppc64le.rpm

s390x:
libvirt-4.5.0-10.el7_6.12.s390x.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.s390x.rpm
libvirt-client-4.5.0-10.el7_6.12.s390.rpm
libvirt-client-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.s390x.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390x.rpm
libvirt-devel-4.5.0-10.el7_6.12.s390.rpm
libvirt-devel-4.5.0-10.el7_6.12.s390x.rpm
libvirt-docs-4.5.0-10.el7_6.12.s390x.rpm
libvirt-libs-4.5.0-10.el7_6.12.s390.rpm
libvirt-libs-4.5.0-10.el7_6.12.s390x.rpm

Red Hat Enterprise Linux Server Optional (v. 7):

ppc64:
libvirt-admin-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.ppc64.rpm
libvirt-nss-4.5.0-10.el7_6.12.ppc.rpm
libvirt-nss-4.5.0-10.el7_6.12.ppc64.rpm

ppc64le:
libvirt-admin-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-nss-4.5.0-10.el7_6.12.ppc64le.rpm

s390x:
libvirt-admin-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.s390x.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390x.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.s390x.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.s390x.rpm
libvirt-nss-4.5.0-10.el7_6.12.s390.rpm
libvirt-nss-4.5.0-10.el7_6.12.s390x.rpm

x86_64:
libvirt-admin-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-nss-4.5.0-10.el7_6.12.i686.rpm
libvirt-nss-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7):

Source:
libvirt-4.5.0-10.el7_6.12.src.rpm

aarch64:
libvirt-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-admin-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-client-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-devel-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-docs-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-libs-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.aarch64.rpm
libvirt-nss-4.5.0-10.el7_6.12.aarch64.rpm

ppc64le:
libvirt-admin-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.ppc64le.rpm
libvirt-nss-4.5.0-10.el7_6.12.ppc64le.rpm

s390x:
libvirt-admin-4.5.0-10.el7_6.12.s390x.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.s390x.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.s390x.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.s390x.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.s390x.rpm
libvirt-nss-4.5.0-10.el7_6.12.s390.rpm
libvirt-nss-4.5.0-10.el7_6.12.s390x.rpm

Red Hat Enterprise Linux Workstation (v. 7):

Source:
libvirt-4.5.0-10.el7_6.12.src.rpm

x86_64:
libvirt-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-bash-completion-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-client-4.5.0-10.el7_6.12.i686.rpm
libvirt-client-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-network-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-rbd-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-driver-storage-scsi-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-kvm-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-devel-4.5.0-10.el7_6.12.i686.rpm
libvirt-devel-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-docs-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-libs-4.5.0-10.el7_6.12.i686.rpm
libvirt-libs-4.5.0-10.el7_6.12.x86_64.rpm

Red Hat Enterprise Linux Workstation Optional (v. 7):

x86_64:
libvirt-admin-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-daemon-lxc-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.i686.rpm
libvirt-debuginfo-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-lock-sanlock-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-login-shell-4.5.0-10.el7_6.12.x86_64.rpm
libvirt-nss-4.5.0-10.el7_6.12.i686.rpm
libvirt-nss-4.5.0-10.el7_6.12.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2019-10161
https://access.redhat.com/security/cve/CVE-2019-10166
https://access.redhat.com/security/cve/CVE-2019-10167
https://access.redhat.com/security/cve/CVE-2019-10168
https://access.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2019 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBXQunctzjgjWX9erEAQju2BAAh4KXtJGCdlovglJYuTMJyfPzlUbFiLzf
eU7uD2NEQ71nfagNKFZvYiFS/VDfcqMli+Rszc0aZFWriiQ/TBG9qWmEY6JjNtWY
uUGzwHU0caJX0962vyAuMmquEMOWq9W+u295A5Dmk88E2LxAfMf7gISjJeNXYfqt
aKzFT/aCNt15QiSC54189RVuL74yp5DXMTL+oEYSAWUESD81Mtd6Oa1zZm+8ODVg
evRE1v+G4HWKeFZ30QzbRARncP36hNsClltoHkPf+1oScurVSOd7qFvqbndQXBHf
28AQ+uA6F0KHRZshvEHOBXTcD5bNx7AXaEFurBkGyBml9mTBvtbGHgcWSzVdqNBK
hPOROdp5es3N+zwX1kgziItO4f42Z9yKrjIBzQxd7LLIcLp+DyioVfEa8HdNj16S
CpYVCOKXhDiMiHOebwGPQqtcSUvYjcH7KfXXQroSOESi/tEHDuIj4C2O4q4fMndR
xL9KNi268rcZaXQ6gBxaZdl9nsRCEYENuqLJrEMOLJe/z1LzMrzCjcaFhvcI5x1g
/SLgAO3cCAkR1G0Yup+7if5up+ltBwUggSeZMsvGTcRcNVwPXHoB9XrXGIlKx/6w
N1MB1mIwtMdHOTiFhUHmd4vYrRc4TEmPsxBtlfEy6hz5FXGXaDHtS8qFyro86FOC
sFYn7EbeH2c=wK2G
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
This email address is being protected from spambots. You need JavaScript enabled to view it.

Red Hat 7: RHSA-2019-1579-01 Important: libvirt Security Fix

red hat
Calendar Grey June 20, 2019
Dist Redhat Esm H88
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ====================================================
An update for libvirt is now available for Red Hat Enterprise Linux 7

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, libvirtd will be restarted automatically.

Summary

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.
Security Fix(es):
* libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161)
* libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166)
* libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)
* libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Live migration fail with unsafe error when GPFS is used as shared filesystem (BZ#1715867)

Topics%20covered

Topics Covered

security advisory Red Hat bug fix important arbitrary command execution security impact libvirt

References

https://access.redhat.com/security/cve/CVE-2019-10161 https://access.redhat.com/security/cve/CVE-2019-10166 https://access.redhat.com/security/cve/CVE-2019-10167 https://access.redhat.com/security/cve/CVE-2019-10168 https://access.redhat.com/security/updates/classification/#important

Package List

Red Hat Enterprise Linux Client (v. 7):
Source: libvirt-4.5.0-10.el7_6.12.src.rpm
x86_64: libvirt-4.5.0-10.el7_6.12.x86_64.rpm libvirt-bash-completion-4.5.0-10.el7_6.12.x86_64.rpm libvirt-client-4.5.0-10.el7_6.12.i686.rpm libvirt-client-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-config-network-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-config-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-interface-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-lxc-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-network-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-nodedev-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-nwfilter-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-qemu-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-secret-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-core-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-disk-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-gluster-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-iscsi-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-logical-4.5.0-10.el7_6.12.x86_64.rpm libvirt-daemon-driver-storage-mpath-4.5.0-10.el7_6.12.x86_64.rpm

Read the Full Advisory


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2019:1579-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2019:1579
Issue date: 2019-06-20

Topic

An update for libvirt is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impactof Important. A Common Vulnerability Scoring System (CVSS) base score,which gives a detailed severity rating, is available for each vulnerabilityfrom the CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory Red Hat bug fix important arbitrary command execution security impact libvirt

Relevant Releases Architectures

Red Hat Enterprise Linux Client (v. 7) - x86_64

Red Hat Enterprise Linux Client Optional (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode (v. 7) - x86_64

Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64

Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64

Red Hat Enterprise Linux Workstation (v. 7) - x86_64

Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server (v. 7) - ppc64le, s390x

Red Hat Enterprise Linux for ARM and IBM Power LE (POWER9) Server Optional (v. 7) - aarch64, ppc64le, s390x

Bugs Fixed

1720114 - CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients

1720115 - CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API

1720117 - CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API

1720118 - CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here