3.7 - RHSA-2012:0748

Problem Description:

Updated libvirt packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64

3. Description:

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

Bus and device IDs were ignored when attempting to attach multiple USB devices with identical vendor or product IDs to a guest. This could result in the wrong device being attached to a guest, giving that guest root access to the device. (CVE-2012-2693)

These updated libvirt packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.3 Technical Notes for information on the most significant of these changes.

All users of libvirt are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing the updated packages, libvirtd must be restarted ("service libvirtd restart") for this update to take effect.

4. Solution:

Before applying this update, make sure all previously-released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258

5. Bugs fixed (http://bugzilla.redhat.com/):

515293 - RFE: Support formatting of new (ext3/4) filesystems for fs storage pool type 589849 - [LXC] Changing shutoff guest max memory can effect current memory 605953 - RFE: Add a command to quickly setup a Bridge Networking for KVM 611823 - Storage driver should prohibit pools with duplicate underlying storage 611824 - RFE: Expose 'virDomainMemoryPeek' and 'virDomainBlockPeek' in python bindings 613537 - [LXC] Fail to start vm that have multi network interfaces. 619846 - virsh dump gives very cryptic error messages 624447 - [vdsm] [libvirt] permission error on run vm task when using NFS storage (libvirt log!) 625115 - cannot run virt-manager as regular user in a VNC session 625362 - libvirt-guests should start and shut down guests in parallel 628823 - DOCS: Document that the bootable disk must be first in the XML 638633 - [RHEL6-Beta] 'virsh attach-interface' succeeds even if a nonexistent script file is specified to the option --script. 639599 - "virt-xml-validate" failed to validate guest domain configuration file if the domain name got a "#" in it . 643373 - RFE: Add ability to control link up/down state of guest NICs via XML & on the fly. 648594 - Support online resizing of block devices 673499 - Some virsh vol-* commands require the pool option, but don't indicate this when they fail 673811 - [RFE] VIRSH : Add ability to specify max migration bandwidth 680880 - The defined NFS pool can not be started 685083 - virt-xml-validate fails if xml is generated from running domain 689768 - libvirt should report better error than: cannot send monitor command '{"execute":"qmp_capabilities"}' 693758 - libvirt-guests init script saves but doesn't restore non-persistent domains 697808 - Improve error message when passing XML doc with wrong root element to define/create APIs. 698521 - virsh freecell command help and man pages should be more clear 700272 - RFE add support for "host cpu" in Libvirt 700523 - clearing caps before running ssh breaks prevents ssh-askpass from launching from 'sudo virt-manager' 702260 - Libvirt can't remove logical volume because it doesn't deactivate it first 708735 - [RFE] Show column and line on XML parsing error 709265 - empty vg storage pool can break GetVolumeByPath for all pools 712266 - Hotplug virtio disk fails with error message "Duplicate ID 'drive-virtio-disk2' for drive" 713932 - RFE: implement insert-media and eject-media virsh commands 715019 - (libvirt) Report disk latency (read and write) for each storage device 715590 - Add support for USB 2.0 (EHCI) to libvirt 725269 - generated qemu -smp string is ambiguous, gives unexpected results 725373 - [libvirt] when using domabortjob to abort stuck migration , the migration command still hangs. 726174 - Impossible libvirt remote administration via qemu+ssh 726771 - libvirt does not specify problem file if persistent xml is invalid 729694 - bootindex added after install completes. causes boot failure in KVM with mixed virtio/ide disks 731151 - RFE: allow capabilities/guest XML to be used with virsh cpu-compare 731645 - cpu-baseline should support the complete elements 731656 - virsh: the results of domblkstat is unreadable for user 733587 - Reattach a pci device to host which is using by guest sometimes outputs wrong info 735950 - The network xml with mutiple dhcp sections can be defined and started successfully although there is prompt error 738933 - Improving virsh manual for virsh memtune command 741510 - Aligning issue with snapshot XML description 743671 - USB device can be reassigned to another VM without error 744237 - Corner cases of migration with --dname and dxml 746111 - libvirtd fails to start due to mDNS requirement 747619 - Host PCI device's original states are not honored anymore after deamon is restarted 748248 - libvirt should use vgchange -aly/-aln instead of vgchange -ay/-an for clustered volume groups 748354 - [lxc]setmem will get wrong error message when cgroup is unmounted. 748405 - PCI device will be driver reprobing without honoring the original states 748742 - Expose 'virNodeGetMemoryStats' and 'virNodeGetCPUStats' APIs in python binding 750683 - vol-info get the wrong "Type" for a directory 751631 - Default block cache mode for migration 751725 - virsh detach-device does not change owner and selinux label of USB device if device managed 752255 - libvirt fails to initialize nwfilter when /tmp is mounted with noexec option 753169 - QEMU driver mistakenly passes a plain file FD to QEMU for migration 754128 - Shutting Down VM changes its state to "Pause" for 10sec 758231 - Add support for ESXi 5 758590 - domblklist will returen non zero value when everything is ok 760149 - general error return on migrate after calling abortjob() 760436 - virsh connect fails with remote machine which has different libvirt version 760883 - Failed to install a guest with pxe method 761005 - libvirt [RFE] Add support for new sandy bridge cpu 761344 - memory leak on cmdBlkdeviotune sucessful path 761345 - memory leak on cmdDomIfGetLink sucessful path 761347 - Return value error on the function cmdDomIfGetLink 761402 - memory leak on cmdDomblklist function 761453 - memory leak on remoteDomainScreenshot function 765698 - Improve virsh nodesuspend output information 766308 - libvirtd does not close all fds opened by virt-install 766553 - Expose 'virDomainSnapshotListChildrenNames' API in python binding 767104 - Libvirt shouldn't check the presence of the live snapshot file 767333 - enhance reboot API to use guest agent when available 767364 - RFE [libvirt] add support for AMD Bulldozer cpu 767488 - [libvirt]memleak when "run virsh console guest". 768268 - Libvirt fail to detach PF/VF device when the address of pci device described as decimalism 768450 - libvirt should have mapping for cpu64-rhel cputype 768860 - memory leak on libvirt_virConnectOpenAuth 768870 - Guest can not be started with setting in xml 769224 - memory leak when run 'virsh domxml-to-native' 769251 - blockresize lack of "free lock" after given wrong parameter 769506 - Need to improve virsh domxml-*-native command docs 769752 - Fail to start LXC guest 770031 - the guest's mac will change after attach a vnet with the option persistent and then restart it. 770458 - Request for backporting to move 'send-key' and 'echo' descriptions into other more appropriate sections in virsh man page 770520 - blkiotune set weight on total and virtio device together will cause libvirtd hang 770683 - blockIoTune did not work right with parameters 770919 - Sometimes virsh command screenshot may hang 770940 - memory leaks on libvirt_virDomainGetSchedulerParameters 770941 - memory leaks on libvirt_virDomainGetMemoryParameters 770942 - memory leaks on libvirt_virDomainBlockStatsFlags 770943 - memory leaks on libvirt_virNodeGetCPUStats 770944 - memory leaks on libvirt_virNodeGetMemoryStats 770971 - Expose 'virDomain{Get,Set}InterfaceParameters' APIs in python binding 771016 - virsh destroy a guest . guest status will hang with in shutdown 771021 - Coverity scan revealed defects 771562 - Change numa parameters with 'nodeset' option will crash libvirtd 771570 - Restart libvirtd will get error and fail to reconnect domains on nfs storage 771591 - Expose 'virDomain{G, S}etNumaParameters' APIs in python binding 772697 - libvirt-devel grew a dependency on systemtap, preventing installs on ppc 773208 - Migration with non-existent xml does not report error 773667 - virsh attach-device fails with 'Unable to reset PCI device' for Broadcom NetExtreme II 781562 - [RFE] Support for qemu PCI romfile option 781985 - When detach PCI device from guest, unknown error occurs. 782716 - Change interface parameters with '{in,out}bound' option will crash libvirtd 783184 - storage cloning ignores "sparse" and creates non-sparse disk images 783921 - libvirt cannot disable kvmclock 785164 - libvirt needs ipv6 support for ssh uris 785269 - Make avahi failure on startup non-fatal 786534 - Add vm-pid to VIRT_CONTROL audit events 786674 - Plug memory leak on cmdUndefine 786770 - Unwanted messages when installing libvirt-client 787761 - undefined symbol: libvirt_event_poll_purge_timeout_semaphore 788338 - Resource leaks on virsh desc command 789220 - memory leak on client programming failure path 790436 - libvirt runs qemu with tls options even when certs/keys are not set 790744 - Delete snapshot parent will crash libvirtd 790745 - [Regression]libvirtd dead when create a guest with "--channel pty,target_type=virtio" by virt-install. 790789 - virsh console fails when executed via remote ssh 795093 - [libvirt] missing 'source file' attribute when passing 'optional' param in xml 795127 - pre-migration hook needed at destination 795656 - destroyFlags should raise exception with proper error code 795978 - polkit authorization broken in libvirt 0.9.10 796526 - Improve memory usage readability in guest XML configuration 797066 - Output message error when create a bridge base on an existing network device 798220 - [libvirt]can't start guest with spice 798497 - Plug memory leak on migration 798938 - Snapshot-revert will report error with startupPolicy='requisite' when floppy/cdrom disk is missing 799478 - libvirt emits inappropriate error when using domabortjob to abort stuck migration 800366 - libvirt does not report the system and user cpu usage separately for vms. 801160 - managedsave+restart of VM crashes libvirtd 801443 - Libvirt shouldn't fail on tlsPort setting if none set 801970 - libvirt with QEmu does not support disk filenames with comma 802644 - segfault when attempting to detach non-existent network device 802851 - memory leaks/dangling pointers caused by virDomainDetachDeviceConfig (virsh detach-*) 802854 - memory leak when performing persistent network device update (e.g. virsh domif-setlink --persistent) 802856 - Missing support for persistent hotplug attach/detach of devices 803591 - virsh segfault when attempting to detach disk from non-existent domain 804028 - Cannot roundtrip blkio parameters due to broken deviceWeight handling 806098 - Support qemu 1.0 807147 - virsh snapshot-create --disk-only failed 807555 - Plug memory leak on cmdSnapshotList with failure path 807751 - [libvirt] Failed to set vm niceness with latest libvirt 808371 - libvirtd crashed with SIGSEGV in __strcmp_ssse3() 808459 - USB 2.0 pass-through won't boot guest VM a SECOND time. 808522 - regression in parsing libvirt-generated xml memory limits 808527 - Check for guest agent presence when issuing command 808979 - memory leak in virDomainGetVcpus / virsh vcpuinfo 810100 - occasional segfault while running networkxml2argvtest 810157 - numad: Pre-set memory policy and convert nodeset from numad to CPUs list before affinity setting 810241 - Save the guest to pre-created file on root_squashing export nfs with dynamic_ownership=1 Permission denied 810559 - FTBFS: libvirt has parallel make race that can stop build 811227 - RFE: Ability to specify custom BIOS for QEMU/KVM using XML (for WHQL testing) 811497 - Deadlock in qemu driver on forced console connection 811683 - deal with change from RHEL 6.2 sync block_job_cancel to RHEL 6.3 async block-job-cancel 813972 - libvirt should reject invalid memory values in xml 814021 - [Doc]There is one typo "virsh list --note" in virsh list manual 814080 - Syscall param rt_sigaction(act->sa_flags) points to uninitialised byte(s) 815270 - [Regression]Libvirtd will die if start a guest with macvtap nic. 815791 - deal with qemu block-job-set-speed race fix 816465 - libvirtd may die after restart the service 816662 - Improve virsh blockpull error message for a offline domain 817078 - libvirtd crashing on rhel 6.3 beta vm 817234 - libvirtd crash when start a net with special MAC address 819014 - blockIoTune modifies live xml even on failure 819498 - libvirt: missing spice channel 'usbredir' 819499 - libvirt: missing spice channel 'default' 819636 - virsh heap corruption due to bad memmove 820461 - numad support is lost in the 6.3 build. 820869 - Fix automatic PCI address assignment for USB2 companion controllers 831164 - CVE-2012-2693 libvirt: address bus= device= when identicle vendor ID/product IDs usb devices attached are ignored