Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 433
Alerts This Week
Warning Icon 1 433

Scientific Linux: SLSA-2013:0831-1 Moderate: Libvirt File Descriptor Leak

Scientific Large Esm H446
Moderate: libvirt security and bug fix update
Date: Thu, 16 May 2013 18:05:25 +0000
Reply-To: scientific-linux-users@
Sender: Security Errata for Scientific Linux
 
From: Pat Riehecky 
Subject: Security ERRATA Moderate: libvirt on SL6.x i386/x86_64
MIME-Version: 1.0

Synopsis: Moderate: libvirt security and bug fix update
Advisory ID: SLSA-2013:0831-1
Issue Date: 2013-05-16
CVE Numbers: CVE-2013-1962
--

It was found that libvirtd leaked file descriptors when listing all
volumes for a particular pool. A remote attacker able to establish a read-
only connection to libvirtd could use this flaw to cause libvirtd to
consume all available file descriptors, preventing other users from using
libvirtd services (such as starting a new guest) until libvirtd is
restarted. (CVE-2013-1962)

This update also fixes the following bugs:

* Previously, libvirt made control group (cgroup) requests on files that
it should not have. With older kernels, such nonsensical cgroup requests
were ignored; however, newer kernels are stricter, resulting in libvirt
logging spurious warnings and failures to the libvirtd and audit logs. The
audit log failures displayed by the ausearch tool were similar to the
following:

root [date] - failed cgroup allow path rw
/dev/kqemu

With this update, libvirt no longer attempts the nonsensical cgroup
actions, leaving only valid attempts in the libvirtd and audit logs
(making it easier to search for real cases of failure).

* Previously, libvirt used the wrong variable when constructing audit
messages. This led to invalid audit messages, causing ausearch to format
certain entries as having "path=(null)" instead of the correct path. This
could prevent ausearch from locating events related to cgroup device ACL
modifications for guests managed by libvirt. With this update, the audit
messages are generated correctly, preventing loss of audit coverage.

After installing the updated packages, libvirtd will be restarted
automatically.
--

SL6
 x86_64
 libvirt-0.10.2-18.el6_4.5.x86_64.rpm
 libvirt-client-0.10.2-18.el6_4.5.i686.rpm
 libvirt-client-0.10.2-18.el6_4.5.x86_64.rpm
 libvirt-debuginfo-0.10.2-18.el6_4.5.i686.rpm
 libvirt-debuginfo-0.10.2-18.el6_4.5.x86_64.rpm
 libvirt-python-0.10.2-18.el6_4.5.x86_64.rpm
 libvirt-devel-0.10.2-18.el6_4.5.i686.rpm
 libvirt-devel-0.10.2-18.el6_4.5.x86_64.rpm
 libvirt-lock-sanlock-0.10.2-18.el6_4.5.x86_64.rpm
 i386
 libvirt-0.10.2-18.el6_4.5.i686.rpm
 libvirt-client-0.10.2-18.el6_4.5.i686.rpm
 libvirt-debuginfo-0.10.2-18.el6_4.5.i686.rpm
 libvirt-python-0.10.2-18.el6_4.5.i686.rpm
 libvirt-devel-0.10.2-18.el6_4.5.i686.rpm

- Scientific Linux Development Team