Executive Summary
Summary | |
---|---|
Title | libvirt security, bug fix, and enhancement update |
Informations | |||
---|---|---|---|
Name | RHSA-2013:0276 | First vendor Publication | 2013-02-21 |
Vendor | RedHat | Last vendor Modification | 2013-02-21 |
Severity (Vendor) | Moderate | Revision | 02 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
---|---|---|---|
Cvss Base Score | 5 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Problem Description: Updated libvirt packages that fix one security issue, multiple bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop (v. 6) - i386, x86_64 Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node (v. 6) - x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - x86_64 Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - x86_64 3. Description: The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. It was discovered that libvirt made certain invalid assumptions about dnsmasq's command line options when setting up DNS masquerading for virtual machines, resulting in dnsmasq incorrectly processing network packets from network interfaces that were intended to be prohibited. This update includes the changes necessary to call dnsmasq with a new command line option, which was introduced to dnsmasq via RHSA-2013:0277. (CVE-2012-3411) In order for libvirt to be able to make use of the new command line option (--bind-dynamic), updated dnsmasq packages need to be installed. Refer to RHSA-2013:0277 for additional information. These updated libvirt packages include numerous bug fixes and enhancements. Space precludes documenting all of these changes in this advisory. Users are directed to the Red Hat Enterprise Linux 6.4 Technical Notes, linked to in the References, for information on the most significant of these changes. All users of libvirt are advised to upgrade to these updated packages, which fix these issues and add these enhancements. After installing the updated packages, libvirtd must be restarted ("service libvirtd restart") for this update to take effect. 4. Solution: Before applying this update, make sure all previously-released errata relevant to your system have been applied. This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/knowledge/articles/11258 5. Bugs fixed (http://bugzilla.redhat.com/): 695394 - default migration speed is too low for guests with heavy IO 713922 - virsh man page refers to unspecified "documentation" 724893 - RFE: better message when start the guest which CPU comprises flags that host doesn't support 770285 - cpu-compare fails inside virtualized hosts 770795 - blkioParameters doesn't work 770830 - --config doesn't work correctly for blkiotune option --device-weight 771424 - RFE: Resident Set Size (RSS) limits on qemu guests 772290 - RFE: Configurable VNC start port or ability to exclude use of specific ports 787906 - [python binding] migrateGetMaxSpeed did not work right with parameters 789327 - [RFE] Resume VM from s3 as a response for monitor/keyboard/mouse action 798467 - libvirt doesn't validate a manually specified MAC address for a KVM guest 799986 - libvirtd should explicitly check for existance of configured sanlock directory before trying to register lockspace 801772 - RFE: Use scsi-hd, scsi-cd instead of scsi-disk 803577 - virsh attach-disk should detect disk source file type when sourcetype is not specified 804601 - Controllers do not support virsh attach/detach-device --persistent 805071 - RFE : Dynamically change the host network/bridge that is attached to a vNIC 805243 - [RFE] add some mechanism to pre-populate credentials for libvirt connections 805361 - RFE: privnet should work well with lxc 807545 - the programming continue to run when executing virsh snapshot-list with --roots and --from mutually exclusive options 807907 - Tunnelled migration sometimes report error when do scalability test 807996 - libvirtd may hang during tunneled migration 810799 - virsh list and "--managed-save " flag can't list the domains with managed save state 813191 - virt-xml-validate fail for pool, nodedev and capabilities 813735 - Non detection of qemu TCG mode support within a RHEL VM 813819 - Unable to disable sending keep-alive messages 815644 - There is no executable permission on default pool. 816448 - inaccurate display for status of stopped libvirt-guests service 816503 - [RFE] Ability to configure sound pass-through to appear as MIC as opposed to line-in 816609 - [libvirt] python bindings have inconsistent handling of float->int conversion 817219 - Don't allow to define multiple pools with the same target 817239 - dominfo outputs incorrectly for memory unit 817244 - Issues about virsh -h usage 818467 - Improve libvirt debug capability 818996 - [rfe] allow to disable usb & vga altogether 819401 - [LXC] virsh dominfo can't get a correct VCPU number 820173 - Libvirtd fails to initialize sanlock driver 821665 - unclear error message: qemu should report 'lsi' is not supported 822068 - libvirtd will crash when hotplug attah-disk to guest 822340 - There are some typos when virsh connect source guest server with ssh PermitRootLogin disabled 822373 - libvirtd will crash when tight loop of hotplug/unplug PCI device to guest without managed=yes 823362 - vol-create-as should fail when allocate a malformed size image 823765 - libvirt should raise an error when set network with special/invalid MAC address 823850 - find-storage-pool-sources/ find-storage-pool-sources-as can't return XML describing of netfs/iscsi pool 823857 - guest can't start with unable to set security context error if guests are unconfined 824253 - manpage: document limitations on identifying domains with numeric names 825068 - Start a guest with assigned usb device which is used by another guest will reset the label 825108 - unexpected result from virt-pki-validate 825600 - spice client could not disconnect after update graphics with connected='disconnect' 825699 - Can't start pool with uuid and other commands with uuid issue 825820 - Libvirt is missing important hooks 827234 - potential to deadlock libvirt on EPIPE 827380 - Minimum value for nodesuspend time duration need be given in virsh manual or help 827519 - "Unable to determine device index for network device" when attaching new network device to a guest that already has a netdev of type='hostdev' 828023 - [libvirt] Setting numa parameters causes guest xml error 828640 - valgrind defects some use-after-free errors - virsh console 828676 - virt-xml-validate validate fails when xml contains kernel/initrd/cmdline elements 828729 - CPU topology parsing bug on special NUMA platform 829107 - valgrind defects some use-after-free errors - virsh change-media 829246 - virsh detach-disk will be failed with special image name 829562 - virsh attach-disk --cache does not work 830051 - [Doc] virsh doc has error/omission on device commands and nodedev commands 830057 - man doc of vol-create-as format is lack of qed and vmdk 831044 - #libvirtd error messages should be fixed 831049 - Update libvirtd manpage to describe how --timeout works & its usage limitations 831099 - add the ability to set a wwn for SCSI disks 831149 - virt-manager causes iowait, due to rewriting XML files repeatable 832004 - vncdisplay can't output default ip address for the vnc display 832081 - Fix keepalive issues in libvirt 832156 - RFE: Support customizable actions when sanlock leases are lost 832302 - libvirt shouldn't delete an existing unregistered volume in vol-create 832309 - [Doc]Problems about manual and help of virsh desc command 832329 - [Doc]Problems about help of virsh domiftune command 832372 - [Doc]Problems about manual and help of virsh dompmsuspend command 833327 - [Doc]The abbreviation of domain name-id-uuid arguments are inconsistent in manual 833674 - Deactivate memory balloon with type of none get wrong error info 834365 - Improve error message when trying to change VM's processor count to 0 834927 - virConnectDomainEventRegisterAny won't register the same callback for the same event but for different domains 835782 - when create the netfs pool, virsh pool-create-as do not remount the target dir which is mounted for another device firstly. 836135 - spice migration: prevent race with libvirt 837466 - virsh report error when quit virsh connection 837470 - libvirtd crash when virsh find-storage-pool-sources 837485 - can not start vdsmd service after update the libvirt packages 837542 - [regression]can't undefine guest after guest saved. 837544 - snapshot-list return core dumped 837761 - [Doc] Inaccurate description about force option in change-media help 837884 - per-machine-type CPU models for safe migration 839537 - Error occurs when given hard_limit in memtune more than current swap_hard_limit 839557 - [Doc]Need to explain in manual that the output memory of memtune command may be rounded 839661 - libvirt: support QMP event for S4 839930 - There is no message if debug level number is out of scope when run a virsh command with -d option 842208 - "Segmentation fault" when use virsh command with vdsm installed 842272 - include-passwd option can't worked when using domdisplay. 842557 - libvirt doesn't check ABI compatibility of watchdog and channel fully 842966 - [snapshot] snapshot-info report unknow procedure error even snapshot-info works well 842979 - [Regression] lxc domain fail to start due to not exist cgroup dir 843324 - snapshot-edit will report error message but return 0 when do not update xml 843372 - disk-only snapshot create external file even if snapshot command failed 843560 - Add live migration support for USB 843716 - The libvirtd deamon was killed abnormally when i destroy a domain which was in creating process 844266 - Fail to modify the domain xml with saved file 844408 - after failed hotplug qemu keeps the file descriptor open 845448 - [blockcopy]sometimes Ctrl+C can't terminate blockcopy when use --wait with other options 845460 - exit console will crash libvirtd 845468 - snapshot-list --descendants --from will core dumped 845521 - Plug memory leak after escaping sequence for console 845523 - Use after free when escaping sequence for console 845635 - Return a specific error when qemu-ga is missing or unusable during a live snapshot (quiesce) 845893 - Double close of FD when failing to connect to a remote hypervisor 845958 - libvirt domain event handler can not catch domain pmsuspend and get error when pmwakeup 845966 - libvirt pmsuspend to disk will crash libvirtd 845968 - numatune command can't handle nodeset with '^' for excluding a node 846265 - virsh blkdeviotune fail 846629 - Failed to run cpu-stats when cpuacct.usage_percpu is too large 846639 - Should forbid suspend&resume operate when guest in pmsuspend status. 848648 - [Doc] Add annotation about how to enable stack traces in log messages 851391 - Throw out "DBus support" error in libvirtd.log when restart libvirtd 851395 - xml parse error occur after upgrade to the newest package 851397 - can not start guest in rhevm 851423 - virsh segmentation fault when using find-storage-pool-sources 851452 - unexpected result of virsh save when stop libvirtd 851491 - Libvirtd crash when set "security_default_confined = 0" in qemu.conf 851959 - cpuset can be set in two places. 851963 - Guest will be undefined if remove channel content 851981 - The migration with macvtap network was denied by the target when i set "setenforce 1" in the target 852260 - AFFECT_CURRENT flag does not work well in set_scheduler_parameters when domain is shutoff 852383 - libvirtd dead when start a domain with openvswitch interface 852592 - libvirtd will be crashed when run vcpupin more than once 852668 - libvirt got security label parse error with xml 852675 - [Graphical framebuffer] update device with connected parameter "fail", guest's xml changed 852984 - virsh start command will be hung with openvswitch network interface 853002 - [qemu-ga]shutdown guest by qemu-guest-agent will successful but report error 853043 - guest can't start with unable to set security context error if guests are unconfined 853342 - [doc]There are some typos in CPU Tuning part of the formatdomain.html 853567 - Request for taking fix for PF shutdown in 802.1Qbh 853821 - virsh reboot with 'agent' shutdown mode will hang 853925 - [configuration][doc] set security_driver in qemu.conf 853930 - It is failed to start guest when the number of vcpu is different between |
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2013-0276.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:20912 | |||
Oval ID: | oval:org.mitre.oval:def:20912 | ||
Title: | RHSA-2013:0277: dnsmasq security, bug fix and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0277-02 CESA-2013:0277 CVE-2012-3411 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | dnsmasq |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:21113 | |||
Oval ID: | oval:org.mitre.oval:def:21113 | ||
Title: | RHSA-2013:0276: libvirt security, bug fix, and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2013:0276-02 CESA-2013:0276 CVE-2012-3411 | Version: | 4 |
Platform(s): | Red Hat Enterprise Linux 6 CentOS Linux 6 | Product(s): | libvirt |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:23819 | |||
Oval ID: | oval:org.mitre.oval:def:23819 | ||
Title: | ELSA-2013:0276: libvirt security, bug fix, and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0276-02 CVE-2012-3411 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | libvirt |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:24085 | |||
Oval ID: | oval:org.mitre.oval:def:24085 | ||
Title: | ELSA-2013:0277: dnsmasq security, bug fix and enhancement update (Moderate) | ||
Description: | Dnsmasq before 2.63test1, when used with certain libvirt configurations, replies to requests from prohibited interfaces, which allows remote attackers to cause a denial of service (traffic amplification) via a spoofed DNS query. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013:0277-02 CVE-2012-3411 | Version: | 6 |
Platform(s): | Oracle Linux 6 | Product(s): | dnsmasq |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:27544 | |||
Oval ID: | oval:org.mitre.oval:def:27544 | ||
Title: | DEPRECATED: ELSA-2013-0277 -- dnsmasq security, bug fix and enhancement update (moderate) | ||
Description: | [2.48-13] - Fix the DHCP RELEASE problem when two or more dnsmasq instances are running (rhbz#887156) [2.48-12] - Fixing initscript restart stop functions (rhbz#850944) [2.48-11] - Revert previous changes because of many problems with --bind-dynamic option backport. - Dropping dnsmasq-2.48-add-bind-dynamic-option.patch - Set SO_BINDTODEVICE socket option when using --bind-interfaces (rhbz#884957) [2.48-10] - Fixed dnsmasq-2.48-add-bind-dynamic-option.patch - the option --bind-dynamic was not set correctly when used [2.48-9] - Added cc flag -fno-strict-aliasing to solve Testsuite regressions [2.48-8] - Fix CVE-2012-3411 (rhbz#882251) [2.48-7] - Fix lease-change script (rhbz#815819) - Check tftp-root exists and is accessible at startup (rhbz#824214) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0277 CVE-2012-3411 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | dnsmasq |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:27553 | |||
Oval ID: | oval:org.mitre.oval:def:27553 | ||
Title: | DEPRECATED: ELSA-2013-0276 -- libvirt security, bug fix, and enhancement update (moderate) | ||
Description: | [libvirt-0.10.2-18.0.1.el6] - Replace docs/et.png in tarball with blank image [0.10.2-18] - rpc: Fix crash on error paths of message dispatching (CVE-2013-0170) - spec: Disable libssh2 support (rhbz#513363) | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2013-0276 CVE-2012-3411 | Version: | 4 |
Platform(s): | Oracle Linux 6 | Product(s): | libvirt |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2012-09-17 | Name : Fedora Update for dnsmasq FEDORA-2012-12598 File : nvt/gb_fedora_2012_12598_dnsmasq_fc17.nasl |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2015-12-22 | Name : The remote DNS / DHCP service is affected by a denial of service vulnerability. File : dnsmasq_dos-CVE-2013-0198.nasl - Type : ACT_GATHER_INFO |
2015-12-22 | Name : The remote DNS / DHCP service is affected by a denial of service vulnerability. File : dnsmasq_dos-CVE-2012-3411.nasl - Type : ACT_GATHER_INFO |
2014-11-08 | Name : The remote Red Hat host is missing a security update. File : redhat-RHSA-2013-0579.nasl - Type : ACT_GATHER_INFO |
2014-06-26 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-201406-24.nasl - Type : ACT_GATHER_INFO |
2013-09-04 | Name : The remote Amazon Linux AMI host is missing a security update. File : ala_ALAS-2013-161.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0276.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2013-0277.nasl - Type : ACT_GATHER_INFO |
2013-04-20 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2013-072.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0277.nasl - Type : ACT_GATHER_INFO |
2013-03-10 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2013-0276.nasl - Type : ACT_GATHER_INFO |
2013-03-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_dnsmasq_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-03-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20130221_libvirt_on_SL6_x.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0276.nasl - Type : ACT_GATHER_INFO |
2013-02-21 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2013-0277.nasl - Type : ACT_GATHER_INFO |
2013-02-19 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1320.nasl - Type : ACT_GATHER_INFO |
2013-02-13 | Name : The remote Fedora host is missing a security update. File : fedora_2013-1357.nasl - Type : ACT_GATHER_INFO |
2013-01-04 | Name : The remote Fedora host is missing a security update. File : fedora_2012-20531.nasl - Type : ACT_GATHER_INFO |
2012-12-20 | Name : The remote Fedora host is missing a security update. File : fedora_2012-20577.nasl - Type : ACT_GATHER_INFO |
2012-09-12 | Name : The remote Fedora host is missing a security update. File : fedora_2012-12598.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:56:48 |
|
2013-03-06 17:20:12 |
|
2013-03-06 13:20:03 |
|
2013-02-21 09:18:54 |
|