Executive Summary

Summary | |
---|---|
Title | libvirt security and bug fix update |

Informations | | | |
---|---|---|---|
Name | RHSA-2014:0103 | First vendor Publication | 2014-01-28 |
Vendor | RedHat | Last vendor Modification | 2014-01-28 |
Severity (Vendor) | Moderate | Revision | 01 |
Security-Database Scoring CVSS v3

Cvss vector : N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:H/Au:N/C:C/I:C/A:C) | | | |
---|---|---|---|
Cvss Base Score | 6.8 | Attack Range | Adjacent network |
Cvss Impact Score | 10 | Attack Complexity | High |
Cvss Exploit Score | 3.2 | Authentication | None Required |
Detail

Problem Description:

Updated libvirt packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 6.

The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64
Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
Red Hat Enterprise Linux Server Optional (v. 6) - x86_64
Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64

3. Description:

The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

A use-after-free flaw was found in the way several libvirt block APIs handled domain jobs. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the libvirtd process (usually root). (CVE-2013-6458)

A race condition was found in the way libvirtd handled keepalive initialization requests when the connection was closed prior to establishing connection credentials. An attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd, resulting in a denial of service. (CVE-2014-1447)

This update also fixes the following bug:

* A race condition was possible between a thread starting a virtual machine with a guest agent configured (regular start-up or while migrating) and a thread that was killing the VM process (or the process crashing). The race could cause the monitor object to be freed by the thread that killed the VM process, which was later accessed by the thread that was attempting to start the VM, resulting in a crash. This issue was fixed by checking the state of the VM after the attempted connection to the guest agent; if the VM has exited in the meantime, no other operations are attempted. (BZ#1055578)

All libvirt users are advised to upgrade to these updated packages, which contain backported patches to correct these issues. After installing the updated packages, libvirtd will be restarted automatically.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1048631 - CVE-2013-6458 qemu: job usage issue in several APIs leading to libvirtd crash
1052957 - CVE-2014-1447 libvirt: denial of service with keepalive
1055578 - bidirectional VMs migration between 2 hosts fail on VM doesn't exist / fatal error
Original Source

Url : https://rhn.redhat.com/errata/RHSA-2014-0103.html
CWE : Common Weakness Enumeration

% | Id | Name |
---|---|---|
100 % | CWE-362 | Race Condition |
OVAL Definitions

Definition Id: oval:org.mitre.oval:def:22041

Field | Value |
---|---|
Oval ID | oval:org.mitre.oval:def:22041 |
Title | DSA-2846-1 libvirt - several |
Description | Multiple security issues have been found in Libvirt, a virtualization abstraction library. |
Family | unix |
Class | patch |
Reference(s) | DSA-2846-1, CVE-2013-6458, CVE-2014-1447 |
Version | 5 |
Platform(s) | Debian GNU/Linux 7, Debian GNU/kFreeBSD 7 |
Product(s) | libvirt |

Definition Id: oval:org.mitre.oval:def:22368

Field | Value |
---|---|
Oval ID | oval:org.mitre.oval:def:22368 |
Title | USN-2093-1 -- libvirt vulnerabilities |
Description | Several security issues were fixed in libvirt. |
Family | unix |
Class | patch |
Reference(s) | USN-2093-1, CVE-2013-6436, CVE-2013-6457, CVE-2013-6458, CVE-2014-0028, CVE-2014-1447 |
Version | 5 |
Platform(s) | Ubuntu 13.10, Ubuntu 12.10, Ubuntu 12.04 |
Product(s) | libvirt |

Definition Id: oval:org.mitre.oval:def:22528

Field | Value |
---|---|
Oval ID | oval:org.mitre.oval:def:22528 |
Title | RHSA-2014:0103: libvirt security and bug fix update (Moderate) |
Description | Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. |
Family | unix |
Class | patch |
Reference(s) | RHSA-2014:0103-00, CESA-2014:0103, CVE-2013-6458, CVE-2014-1447 |
Version | 21 |
Platform(s) | Red Hat Enterprise Linux 6, CentOS Linux 6 |
Product(s) | libvirt |

Definition Id: oval:org.mitre.oval:def:23914

Field | Value |
---|---|
Oval ID | oval:org.mitre.oval:def:23914 |
Title | ELSA-2014:0103: libvirt security and bug fix update (Moderate) |
Description | Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. |
Family | unix |
Class | patch |
Reference(s) | ELSA-2014:0103-00, CVE-2013-6458, CVE-2014-1447 |
Version | 13 |
Platform(s) | Oracle Linux 6 |
Product(s) | libvirt |

Definition Id: oval:org.mitre.oval:def:25025

Field | Value |
---|---|
Oval ID | oval:org.mitre.oval:def:25025 |
Title | SUSE-SU-2014:0318-1 -- Security update for libvirt |
Family | unix |
Class | patch |
Reference(s) | SUSE-SU-2014:0318-1, CVE-2013-6458, CVE-2014-1447 |
Version | 3 |
Platform(s) | SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Desktop 11 |
Product(s) | libvirt |

Description: This update fixes the following one non-security and two security issues with libvirt:

* bnc#817407: Fixing device assignment problem with Broadcom 57810 NIC to Guest OS.
* bnc#857492: qemu job usage issue in several API leading to libvirtd crash (CVE-2013-6458)
* bnc#858817: denial of service with keepalive (CVE-2014-1447)

Definition Id: oval:org.mitre.oval:def:26748

Field | Value |
---|---|
Oval ID | oval:org.mitre.oval:def:26748 |
Title | DEPRECATED: ELSA-2014-0103 -- libvirt security and bug fix update (moderate) |
Family | unix |
Class | patch |
Reference(s) | ELSA-2014-0103, CVE-2013-6458, CVE-2014-1447 |
Version | 4 |
Platform(s) | Oracle Linux 6 |
Product(s) | libvirt |

Description (package changelog):

[0.10.2-29.0.1.el6_5.3]
- Replace docs/et.png in tarball with blank image

[0.10.2-29.el6_5.3]
- qemu: Avoid operations on NULL monitor if VM fails early (rhbz#1055578)
- qemu: Do not access stale data in virDomainBlockStats (CVE-2013-6458)
- qemu: Avoid using stale data in virDomainGetBlockInfo (CVE-2013-6458)
- qemu: Fix job usage in qemuDomainBlockJobImpl (CVE-2013-6458)
- qemu: Fix job usage in qemuDomainBlockCopy (rhbz#1054804)
- qemu: Fix job usage in virDomainGetBlockIoTune (CVE-2013-6458)
- Don't crash if a connection closes early (CVE-2014-1447)
- Really don't crash if a connection closes early (CVE-2014-1447)
Nessus® Vulnerability Scanner

Date | Name | File | Type |
---|---|---|---|
2014-12-09 | The remote Gentoo host is missing one or more security-related patches. | gentoo_GLSA-201412-04.nasl | ACT_GATHER_INFO |
2014-06-13 | The remote openSUSE host is missing a security update. | openSUSE-2014-151.nasl | ACT_GATHER_INFO |
2014-06-13 | The remote openSUSE host is missing a security update. | openSUSE-2014-154.nasl | ACT_GATHER_INFO |
2014-03-03 | The remote SuSE 11 host is missing one or more security updates. | suse_11_libvirt-140211.nasl | ACT_GATHER_INFO |
2014-01-31 | The remote Ubuntu host is missing one or more security-related patches. | ubuntu_USN-2093-1.nasl | ACT_GATHER_INFO |
2014-01-30 | The remote CentOS host is missing one or more security updates. | centos_RHSA-2014-0103.nasl | ACT_GATHER_INFO |
2014-01-29 | The remote Oracle Linux host is missing one or more security updates. | oraclelinux_ELSA-2014-0103.nasl | ACT_GATHER_INFO |
2014-01-29 | The remote Red Hat host is missing one or more security updates. | redhat-RHSA-2014-0103.nasl | ACT_GATHER_INFO |
2014-01-29 | The remote Scientific Linux host is missing one or more security updates. | sl_20140128_libvirt_on_SL6_x.nasl | ACT_GATHER_INFO |
2014-01-27 | The remote Fedora host is missing a security update. | fedora_2014-1090.nasl | ACT_GATHER_INFO |
2014-01-21 | The remote Fedora host is missing a security update. | fedora_2014-1042.nasl | ACT_GATHER_INFO |
2014-01-20 | The remote Debian host is missing a security-related update. | debian_DSA-2846.nasl | ACT_GATHER_INFO |
Alert History

Date | Informations |
---|---|
2014-02-25 13:26:10 | |
2014-02-17 11:57:47 | |
2014-01-28 21:19:34 | |