SUSE Linux Enterprise 15: 2019:0936-1 Important: Libvirt Remote DoS

suse

April 12, 2019

An update that solves one vulnerability and has 15 fixes is now available

Summary

This update for libvirt provides the following fixes: Security issue fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent (bsc#1127458). Other issues addressed: - apparmor: reintroduce upstream lxc mount rules (bsc#1130129). - hook: encode incoming XML to UTF-8 before passing to lxml etree from string method (bsc#1123642). - supportconfig: collect rotated logs in /var/log/libvirt/* (bsc#1124667). - libxl: support Xen's max_grant_frames setting with maxGrantFrames attribute on the xenbus controller (bsc#1126325). - conf: added new 'xenbus' controller type - util: skip RDMA detection for non-PCI network devices (bsc#1112182).

Topics Covered

security advisory denial of service update patch important libvirt SUSE Linux Enterprise

References

#1081516 #1102604 #1104662 #1106420 #1108086

#1108395 #1112182 #1117058 #1118952 #1120813

#1123642 #1124667 #1125665 #1126325 #1127458

#1130129

Cross- CVE-2019-3840

Affected Products:

SUSE Linux Enterprise Module for Server Applications 15

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15

SUSE Linux Enterprise Module for Basesystem 15

https://www.suse.com/security/cve/CVE-2019-3840.html

https://bugzilla.suse.com/1081516

https://bugzilla.suse.com/1102604

https://bugzilla.suse.com/1104662

https://bugzilla.suse.com/1106420

https://bugzilla.suse.com/1108086

https://bugzilla.suse.com/1108395

https://bugzilla.suse.com/1112182

https://bugzilla.suse.com/1117058

https://bugzilla.suse.com/1118952

https://bugzilla.suse.com/1120813

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2019:0936-1

Rating: important

Topics Covered

security advisory denial of service update patch important libvirt SUSE Linux Enterprise

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise 15: 2019:0936-1 Important: Libvirt Remote DoS

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE Linux Enterprise 15: 2019:0936-1 Important: Libvirt Remote DoS

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!