Security update for libvirt SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2019:14100-1 Final 1 1 2019-06-21T11:53:22Z current 2019-06-21T11:53:22Z 2019-06-21T11:53:22Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libvirt This update for libvirt fixes the following issues: Security issue fixed: - CVE-2019-10161: Fixed virDomainSaveImageGetXMLDesc API which could accept a path parameter pointing anywhere on the system and potentially leading to execution of a malicious file with root privileges by libvirtd (bsc#1138301). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). sleposp3-libvirt-14100 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2019/suse-su-201914100-1/ Link for SUSE-SU-2019:14100-1 https://lists.suse.com/pipermail/sle-security-updates/2019-June/005613.html E-Mail link for SUSE-SU-2019:14100-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1138301 SUSE Bug 1138301 https://www.suse.com/security/cve/CVE-2019-10161/ SUSE CVE CVE-2019-10161 page SUSE Linux Enterprise Point of Sale 11 SP3 libvirt-1.0.5.9-21.20.1 libvirt-client-1.0.5.9-21.20.1 libvirt-doc-1.0.5.9-21.20.1 libvirt-lock-sanlock-1.0.5.9-21.20.1 libvirt-python-1.0.5.9-21.20.1 libvirt-1.0.5.9-21.20.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 libvirt-client-1.0.5.9-21.20.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 libvirt-doc-1.0.5.9-21.20.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 libvirt-lock-sanlock-1.0.5.9-21.20.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 libvirt-python-1.0.5.9-21.20.1 as a component of SUSE Linux Enterprise Point of Sale 11 SP3 It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. CVE-2019-10161 SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-1.0.5.9-21.20.1 SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-client-1.0.5.9-21.20.1 SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-doc-1.0.5.9-21.20.1 SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-lock-sanlock-1.0.5.9-21.20.1 SUSE Linux Enterprise Point of Sale 11 SP3:libvirt-python-1.0.5.9-21.20.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2019/suse-su-201914100-1/ https://www.suse.com/security/cve/CVE-2019-10161.html CVE-2019-10161 https://bugzilla.suse.com/1138301 SUSE Bug 1138301