Important: libvirt security and bug fix update

Synopsis

Important: libvirt security and bug fix update

Type/Severity

Security Advisory: Important

Topic

An update for libvirt is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

Security Fix(es):

• libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161)
  
• libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166)
  
• libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)
  
• libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)
  

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

• Live migration fail with unsafe error when GPFS is used as shared filesystem (BZ#1715867)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

After installing the updated packages, libvirtd will be restarted automatically.

Affected Products

• Red Hat Enterprise Linux Server 7 x86_64
• Red Hat Enterprise Linux Server - Extended Update Support 7.6 x86_64
• Red Hat Enterprise Linux Server - AUS 7.6 x86_64
• Red Hat Enterprise Linux Workstation 7 x86_64
• Red Hat Enterprise Linux Desktop 7 x86_64
• Red Hat Enterprise Linux for IBM z Systems 7 s390x
• Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.6 s390x
• Red Hat Enterprise Linux for Power, big endian 7 ppc64
• Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.6 ppc64
• Red Hat Enterprise Linux for Scientific Computing 7 x86_64
• Red Hat Virtualization 4.3 x86_64
• Red Hat Gluster Storage Server for On-premise 3 for RHEL 7 x86_64
• Red Hat Enterprise Linux EUS Compute Node 7.6 x86_64
• Red Hat Virtualization for IBM Power LE 4 for RHEL 7 ppc64le
• Red Hat Enterprise Linux for Power, little endian 7 ppc64le
• Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.6 ppc64le
• Red Hat Enterprise Linux Server - TUS 7.6 x86_64
• Red Hat Enterprise Linux for ARM 64 7 aarch64
• Red Hat Enterprise Linux for Power 9 7 ppc64le
• Red Hat Enterprise Linux Server (for IBM Power LE) - Update Services for SAP Solutions 7.6 ppc64le
• Red Hat Enterprise Linux Server - Update Services for SAP Solutions 7.6 x86_64
• Red Hat Virtualization - Extended Update Support 4.2 x86_64
• Red Hat Enterprise Linux for IBM System z (Structure A) 7 s390x

Fixes

• BZ - 1720114 - CVE-2019-10166 libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients
• BZ - 1720115 - CVE-2019-10161 libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API
• BZ - 1720117 - CVE-2019-10167 libvirt: arbitrary command execution via virConnectGetDomainCapabilities API
• BZ - 1720118 - CVE-2019-10168 libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs

CVEs

• CVE-2019-10161
• CVE-2019-10166
• CVE-2019-10167
• CVE-2019-10168

References

• https://access.redhat.com/security/updates/classification/#important