Security update for libvirt SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:1285-1 Final 1 1 2019-05-17T13:33:44Z current 2019-05-17T13:33:44Z 2019-05-17T13:33:44Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libvirt This update for libvirt fixes the following issues: Security issue fixed: - CVE-2019-3886: Fixed an information leak which allowed to retrieve the guest hostname under readonly mode (bsc#1131595). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2019-1285,SUSE-SLE-Module-Basesystem-15-2019-1285,SUSE-SLE-Module-Development-Tools-OBS-15-2019-1285,SUSE-SLE-Module-Server-Applications-15-2019-1285 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-20191285-1/ Link for SUSE-SU-2019:1285-1 https://lists.suse.com/pipermail/sle-security-updates/2019-May/005477.html E-Mail link for SUSE-SU-2019:1285-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1131595 SUSE Bug 1131595 https://www.suse.com/security/cve/CVE-2019-3886/ SUSE CVE CVE-2019-3886 page SUSE Linux Enterprise Module for Basesystem 15 SUSE Linux Enterprise Module for Server Applications 15 libvirt-4.0.0-9.19.4 libvirt-admin-4.0.0-9.19.4 libvirt-client-4.0.0-9.19.4 libvirt-daemon-4.0.0-9.19.4 libvirt-daemon-config-network-4.0.0-9.19.4 libvirt-daemon-config-nwfilter-4.0.0-9.19.4 libvirt-daemon-driver-interface-4.0.0-9.19.4 libvirt-daemon-driver-libxl-4.0.0-9.19.4 libvirt-daemon-driver-lxc-4.0.0-9.19.4 libvirt-daemon-driver-network-4.0.0-9.19.4 libvirt-daemon-driver-nodedev-4.0.0-9.19.4 libvirt-daemon-driver-nwfilter-4.0.0-9.19.4 libvirt-daemon-driver-qemu-4.0.0-9.19.4 libvirt-daemon-driver-secret-4.0.0-9.19.4 libvirt-daemon-driver-storage-4.0.0-9.19.4 libvirt-daemon-driver-storage-core-4.0.0-9.19.4 libvirt-daemon-driver-storage-disk-4.0.0-9.19.4 libvirt-daemon-driver-storage-iscsi-4.0.0-9.19.4 libvirt-daemon-driver-storage-logical-4.0.0-9.19.4 libvirt-daemon-driver-storage-mpath-4.0.0-9.19.4 libvirt-daemon-driver-storage-rbd-4.0.0-9.19.4 libvirt-daemon-driver-storage-scsi-4.0.0-9.19.4 libvirt-daemon-hooks-4.0.0-9.19.4 libvirt-daemon-lxc-4.0.0-9.19.4 libvirt-daemon-qemu-4.0.0-9.19.4 libvirt-daemon-xen-4.0.0-9.19.4 libvirt-devel-4.0.0-9.19.4 libvirt-devel-32bit-4.0.0-9.19.4 libvirt-devel-64bit-4.0.0-9.19.4 libvirt-doc-4.0.0-9.19.4 libvirt-libs-4.0.0-9.19.4 libvirt-lock-sanlock-4.0.0-9.19.4 libvirt-nss-4.0.0-9.19.4 wireshark-plugin-libvirt-4.0.0-9.19.4 libvirt-libs-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Basesystem 15 libvirt-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-admin-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-client-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-config-network-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-config-nwfilter-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-interface-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-libxl-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-lxc-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-network-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-nodedev-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-nwfilter-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-qemu-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-secret-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-core-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-disk-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-iscsi-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-logical-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-mpath-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-rbd-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-driver-storage-scsi-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-hooks-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-lxc-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-qemu-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-daemon-xen-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-devel-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-doc-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-lock-sanlock-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 libvirt-nss-4.0.0-9.19.4 as a component of SUSE Linux Enterprise Module for Server Applications 15 An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block. CVE-2019-3886 SUSE Linux Enterprise Module for Basesystem 15:libvirt-libs-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-admin-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-client-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-config-network-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-config-nwfilter-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-interface-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-libxl-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-lxc-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-network-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-nodedev-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-nwfilter-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-qemu-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-secret-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-core-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-disk-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-iscsi-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-logical-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-mpath-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-rbd-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-driver-storage-scsi-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-hooks-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-lxc-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-qemu-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-daemon-xen-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-devel-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-doc-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-lock-sanlock-4.0.0-9.19.4 SUSE Linux Enterprise Module for Server Applications 15:libvirt-nss-4.0.0-9.19.4 moderate 4.8 AV:A/AC:L/Au:N/C:P/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-20191285-1/ https://www.suse.com/security/cve/CVE-2019-3886.html CVE-2019-3886 https://bugzilla.suse.com/1131595 SUSE Bug 1131595 https://bugzilla.suse.com/1133150 SUSE Bug 1133150 https://bugzilla.suse.com/1138301 SUSE Bug 1138301