Advisory Published

RHSA-2018:1396: Low: libvirt security and bug fix update

First published: Mon May 14 2018(Updated: )

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.<br>Security Fix(es):<br><li> libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748)</li> <li> libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064)</li> For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.<br>The CVE-2018-1064 issue was discovered by Daniel P. Berrangé (Red Hat) and the CVE-2018-5748 issue was discovered by Daniel P. Berrange (Red Hat) and Peter Krempa (Red Hat).<br>Bug Fix(es):<br><li> Previously, the check for a non-unique device boot order did not properly handle updates of existing devices when a new device was attached to a guest. Consequently, updating any device with a specified boot order failed. With this update, the duplicity check detects correctly handles updates and ignores the original device, which avoids reporting false conflicts. As a result, updating a device with a boot order succeeds. (BZ#1557922)</li> <li> In Red Hat Enterprise Linux 7.5, guests with SCSI passthrough enabled failed to boot because of changes in kernel CGroup detection. With this update, libvirt fetches dependencies and adds them to the device CGroup. As a result, and the affected guests now start as expected. (BZ#1564996)</li> <li> The VMX parser in libvirt did not parse more than four network interfaces. As a consequence, the esx driver did not expose more than four network interface cards (NICs) for guests running ESXi. With this update, the VMX parser parses all the available NICs in .vmx files. As a result, libvirt reports all the NICs of guests running ESXi. (BZ#1566524)</li> <li> Previously, user aliases for PTY devices that were longer than 32 characters were not supported. Consequently, if a domain included a PTY device with a user alias longer than 32 characters, the domain would not start. With this update, a static buffer was replaced with a dynamic buffer. As a result, the domain starts even if the length of the user alias for a PTY device is longer than 32 characters. (BZ#1566525)</li>

Affected SoftwareAffected VersionHow to fix
redhat/libvirt<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-admin<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-client<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-client<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-config-network<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-config-nwfilter<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-interface<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-lxc<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-network<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-nodedev<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-nwfilter<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-qemu<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-secret<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-core<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-disk<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-gluster<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-iscsi<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-logical<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-mpath<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-rbd<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-scsi<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-kvm<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-lxc<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-debuginfo<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-debuginfo<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-devel<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-devel<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-docs<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-libs<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-libs<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-lock-sanlock<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-login-shell<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-nss<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-nss<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-admin<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-config-network<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-config-nwfilter<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-interface<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-lxc<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-network<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-nodedev<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-nwfilter<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-qemu<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-secret<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-core<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-disk<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-iscsi<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-logical<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-mpath<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-scsi<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-kvm<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-lxc<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-docs<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-lock-sanlock<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-login-shell<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-debuginfo<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-lock-sanlock<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-admin<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-client<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-config-network<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-config-nwfilter<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-interface<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-lxc<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-network<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-nodedev<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-nwfilter<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-qemu<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-secret<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-core<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-disk<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-iscsi<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-logical<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-mpath<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-driver-storage-scsi<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-kvm<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-daemon-lxc<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-devel<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-docs<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-libs<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-login-shell<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt-nss<3.9.0-14.el7_5.4
3.9.0-14.el7_5.4
redhat/libvirt<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-admin<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-client<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-config-network<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-config-nwfilter<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-interface<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-lxc<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-network<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-nodedev<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-nwfilter<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-qemu<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-secret<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage-core<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage-disk<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage-iscsi<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage-logical<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage-mpath<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-driver-storage-scsi<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-kvm<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-daemon-lxc<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-debuginfo<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-devel<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-docs<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-libs<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-lock-sanlock<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-login-shell<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa
redhat/libvirt-nss<3.9.0-14.el7_5.4.aa
3.9.0-14.el7_5.4.aa

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203