A security flaw discovered in the libvirt software package has been fixed. Local attackers could have exploited it to carry out a denial-of-service (DoS) attack.
Package: libvirt 0.x
Operating systems: Red Hat Enterprise Linux 6
Severity: 3
Problem: error in a program function
Exploitation: local
Consequence: denial of service (DoS)
Solution: vendor patch
CVE: CVE-2012-3445
Original advisory ID: RHSA-2012:1202-1
Source: Red Hat
Problem:
The flaw is caused by an error in the function "virTypedParameterArrayClear()", which improperly handles virDomain* API calls.
Consequence:
It allows attackers to carry out a DoS (Denial of Service) attack by means of a specially crafted RPC command.
Solution:
To protect against possible attacks, users are advised to install the update.
Original advisory text
Moderate: libvirt security and bug fix update
Advisory: RHSA-2012:1202-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-08-23
Last updated on: 2012-08-23
Affected Products: Red Hat Enterprise Linux Desktop (v. 6)
Red Hat Enterprise Linux HPC Node (v. 6)
Red Hat Enterprise Linux Server (v. 6)
Red Hat Enterprise Linux Workstation (v. 6)
CVEs (cve.mitre.org): CVE-2012-3445
Details
Updated libvirt packages that fix one security issue and two bugs are now
available for Red Hat Enterprise Linux 6.
The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.
The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.
A flaw was found in libvirtd's RPC call handling. An attacker able to
establish a read-only connection to libvirtd could trigger this flaw with a
specially-crafted RPC command that has the number of parameters set to 0,
causing libvirtd to access invalid memory and crash. (CVE-2012-3445)
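As an added illustration (not libvirt's code and not the Red Hat patch), the C example below shows one way a parameter count of 0 can steer cleanup code into invalid memory, and a dispatcher that avoids it. It assumes a two-call convention in which a count of 0 asks the backend to report how many parameters it supports; the names param_t, backend_get_params, param_array_clear and dispatch_get_params and both constants are hypothetical.

```c
#include <stdlib.h>
/* Hypothetical stand-ins for illustration; not libvirt's types or functions. */
enum { PARAM_STRING = 1 };
typedef struct { int type; union { int i; char *s; } value; } param_t;

#define BACKEND_NPARAMS 3  /* constructed: parameters the backend supports */
#define MAX_NPARAMS 16     /* constructed: cap on the untrusted count */

/* Assumed two-call convention: *nparams == 0 means "report the count". */
static void backend_get_params(param_t *params, int *nparams)
{
    if (*nparams == 0) {           /* query mode: the array is not touched */
        *nparams = BACKEND_NPARAMS;
        return;
    }
    if (*nparams > BACKEND_NPARAMS) *nparams = BACKEND_NPARAMS;
    for (int i = 0; i < *nparams; i++) {
        params[i].type = PARAM_STRING;
        params[i].value.s = calloc(1, 8);  /* heap data the cleanup must free */
    }
}

/* Frees per-entry strings; NULL or empty array is a no-op. Returns entries visited. */
static int param_array_clear(param_t *params, int n)
{
    if (params == NULL || n <= 0) return 0;
    for (int i = 0; i < n; i++)
        if (params[i].type == PARAM_STRING)
            free(params[i].value.s);
    return n;
}

/* Handles a client-supplied count. Returns entries cleared, -1 if rejected. */
int dispatch_get_params(int client_nparams, int *reported)
{
    if (client_nparams < 0 || client_nparams > MAX_NPARAMS)
        return -1;
    int allocated = client_nparams;  /* what this function really owns */
    param_t *params = allocated ? calloc((size_t)allocated, sizeof(*params)) : NULL;
    if (allocated && params == NULL) return -1;
    int nparams = client_nparams;
    backend_get_params(params, &nparams);  /* query mode raises nparams to 3 */
    *reported = nparams;
    /* Clearing `nparams` entries after a query call would walk 3 entries of
     * an array that has none; bound the cleanup by what was allocated. */
    int cleared = param_array_clear(params, nparams < allocated ? nparams : allocated);
    free(params);
    return cleared;
}
```

The point to check in review is that the count used for cleanup is the count that was allocated, not a value the callee was allowed to rewrite.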
This update also fixes the following bugs:
* Previously, repeatedly migrating a guest between two machines while using
the tunnelled migration could cause the libvirt daemon to lock up
unexpectedly. The bug in the code for locking remote drivers has been fixed
and repeated tunnelled migrations of domains now work as expected.
(BZ#847946)
* Previously, when certain system locales were used by the system, libvirt
could issue incorrect commands to the hypervisor. This bug has been fixed
and the libvirt library and daemon are no longer affected by the choice of
the user locale. (BZ#847959)
All users of libvirt are advised to upgrade to these updated packages,
which contain backported patches to correct these issues. After installing
the updated packages, libvirtd will be restarted automatically.
Solution
Before applying this update, make sure all previously-released errata
relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258
Updated packages
libvirt-0.9.10-21.el6_3.4 (source package libvirt-0.9.10-21.el6_3.4.src.rpm), for all affected products listed above.
Bugs fixed (see bugzilla for more information)
844734 - CVE-2012-3445 libvirt: crash in virTypedParameterArrayClear
847946 - libvirtd may hang during tunneled migration
References
https://www.redhat.com/security/data/cve/CVE-2012-3445.html
https://access.redhat.com/security/updates/classification/#moderate
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package
Contact details for the Red Hat security contact are available at http://www.redhat.com/security/team/contact/