Security update for libvirt SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2020:2970-1 Final 1 1 2020-10-20T14:06:17Z current 2020-10-20T14:06:17Z 2020-10-20T14:06:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for libvirt This update for libvirt fixes the following issues: - CVE-2020-15708: Added a note to libvirtd.conf about polkit auth in SUSE distros (bsc#1174955). - CVE-2020-25637: Fixed a double free in qemuAgentGetInterfaces() (bsc#1177155). - qemu: Avoid stale capabilities cache host CPU or kernel command line changes (bsc#1173157). - virdevmapper: Handle kernel without device-mapper support (bsc#1175465). - Xen: Added support for passing arbitrary commands to the qemu device model, similar to the xl.cfg(5) device_model_args setting (bsc#1174139). - Xen: Don't add dom0 twice on driver reload (bsc#1176430). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container suse/sles/15.2/virt-handler:0.38.1-2020-2970,Container suse/sles/15.2/virt-launcher:0.38.1-2020-2970,SUSE-2020-2970,SUSE-SLE-Module-Basesystem-15-SP2-2020-2970,SUSE-SLE-Module-Server-Applications-15-SP2-2020-2970 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2020/suse-su-20202970-1/ Link for SUSE-SU-2020:2970-1 https://lists.suse.com/pipermail/sle-security-updates/2020-October/007594.html E-Mail link for SUSE-SU-2020:2970-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1173157 SUSE Bug 1173157 https://bugzilla.suse.com/1174139 SUSE Bug 1174139 https://bugzilla.suse.com/1174955 SUSE Bug 1174955 https://bugzilla.suse.com/1175465 SUSE Bug 1175465 https://bugzilla.suse.com/1176430 SUSE Bug 1176430 https://bugzilla.suse.com/1177155 SUSE Bug 1177155 https://www.suse.com/security/cve/CVE-2020-15708/ SUSE CVE CVE-2020-15708 page https://www.suse.com/security/cve/CVE-2020-25637/ SUSE CVE CVE-2020-25637 page Container suse/sles/15.2/virt-handler:0.38.1 Container suse/sles/15.2/virt-launcher:0.38.1 SUSE Linux Enterprise Module for Basesystem 15 SP2 SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-client-6.0.0-13.8.1 libvirt-libs-6.0.0-13.8.1 libvirt-daemon-6.0.0-13.8.1 libvirt-daemon-driver-interface-6.0.0-13.8.1 libvirt-daemon-driver-network-6.0.0-13.8.1 libvirt-daemon-driver-nodedev-6.0.0-13.8.1 libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 libvirt-daemon-driver-qemu-6.0.0-13.8.1 libvirt-daemon-driver-secret-6.0.0-13.8.1 libvirt-daemon-driver-storage-6.0.0-13.8.1 libvirt-daemon-driver-storage-core-6.0.0-13.8.1 libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 libvirt-daemon-qemu-6.0.0-13.8.1 libvirt-6.0.0-13.8.1 libvirt-admin-6.0.0-13.8.1 libvirt-bash-completion-6.0.0-13.8.1 libvirt-daemon-config-network-6.0.0-13.8.1 libvirt-daemon-config-nwfilter-6.0.0-13.8.1 libvirt-daemon-driver-libxl-6.0.0-13.8.1 libvirt-daemon-driver-lxc-6.0.0-13.8.1 libvirt-daemon-hooks-6.0.0-13.8.1 libvirt-daemon-lxc-6.0.0-13.8.1 libvirt-daemon-xen-6.0.0-13.8.1 libvirt-devel-6.0.0-13.8.1 libvirt-devel-32bit-6.0.0-13.8.1 libvirt-devel-64bit-6.0.0-13.8.1 libvirt-doc-6.0.0-13.8.1 libvirt-lock-sanlock-6.0.0-13.8.1 libvirt-nss-6.0.0-13.8.1 wireshark-plugin-libvirt-6.0.0-13.8.1 libvirt-client-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-handler:0.38.1 libvirt-libs-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-handler:0.38.1 libvirt-client-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-interface-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-network-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-nodedev-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-qemu-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-secret-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-core-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-daemon-qemu-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-libs-6.0.0-13.8.1 as a component of Container suse/sles/15.2/virt-launcher:0.38.1 libvirt-libs-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Basesystem 15 SP2 libvirt-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-admin-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-bash-completion-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-client-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-config-network-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-config-nwfilter-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-interface-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-libxl-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-lxc-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-network-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-nodedev-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-qemu-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-secret-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-core-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-hooks-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-lxc-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-qemu-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-daemon-xen-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-devel-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-doc-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-lock-sanlock-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 libvirt-nss-6.0.0-13.8.1 as a component of SUSE Linux Enterprise Module for Server Applications 15 SP2 Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code. CVE-2020-15708 Container suse/sles/15.2/virt-handler:0.38.1:libvirt-client-6.0.0-13.8.1 Container suse/sles/15.2/virt-handler:0.38.1:libvirt-libs-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-client-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-interface-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-network-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-nodedev-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-qemu-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-secret-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-core-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-qemu-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-libs-6.0.0-13.8.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libvirt-libs-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-admin-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-bash-completion-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-client-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-config-network-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-config-nwfilter-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-interface-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-libxl-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-lxc-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-network-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-nodedev-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-qemu-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-secret-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-core-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-hooks-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-lxc-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-qemu-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-xen-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-devel-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-doc-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-lock-sanlock-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-nss-6.0.0-13.8.1 important 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202970-1/ https://www.suse.com/security/cve/CVE-2020-15708.html CVE-2020-15708 https://bugzilla.suse.com/1174955 SUSE Bug 1174955 A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2020-25637 Container suse/sles/15.2/virt-handler:0.38.1:libvirt-client-6.0.0-13.8.1 Container suse/sles/15.2/virt-handler:0.38.1:libvirt-libs-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-client-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-interface-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-network-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-nodedev-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-qemu-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-secret-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-core-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-daemon-qemu-6.0.0-13.8.1 Container suse/sles/15.2/virt-launcher:0.38.1:libvirt-libs-6.0.0-13.8.1 SUSE Linux Enterprise Module for Basesystem 15 SP2:libvirt-libs-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-admin-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-bash-completion-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-client-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-config-network-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-config-nwfilter-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-interface-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-libxl-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-lxc-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-network-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-nodedev-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-nwfilter-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-qemu-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-secret-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-core-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-disk-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-iscsi-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-logical-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-mpath-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-rbd-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-driver-storage-scsi-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-hooks-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-lxc-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-qemu-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-daemon-xen-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-devel-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-doc-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-lock-sanlock-6.0.0-13.8.1 SUSE Linux Enterprise Module for Server Applications 15 SP2:libvirt-nss-6.0.0-13.8.1 important 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2020/suse-su-20202970-1/ https://www.suse.com/security/cve/CVE-2020-25637.html CVE-2020-25637 https://bugzilla.suse.com/1174955 SUSE Bug 1174955 https://bugzilla.suse.com/1177155 SUSE Bug 1177155