Sender: |
|
Date: |
Fri, 20 Mar 2009 16:00:50 -0500 |
MIME-version: |
1.0 |
Reply-To: |
|
Content-type: |
text/plain; format=flowed; charset=ISO-8859-1 |
Subject: |
|
From: |
|
Content-transfer-encoding: |
7BIT |
Comments: |
|
Parts/Attachments: |
|
|
Synopsis: Moderate: libvirt security update
Issue date: 2009-03-19
CVE Names: CVE-2008-5086 CVE-2009-0036
The libvirtd daemon was discovered to not properly check user connection
permissions before performing certain privileged actions, such as
requesting migration of an unprivileged guest domain to another system.
A local user able to establish a read-only connection to libvirtd could
use this flaw to perform actions that should be restricted to read-write
connections. (CVE-2008-5086)
libvirt_proxy, a setuid helper application allowing non-privileged users
to communicate with the hypervisor, was discovered to not properly
validate user requests. Local users could use this flaw to cause a
stack-based buffer overflow in libvirt_proxy, possibly allowing them to
run arbitrary code with root privileges. (CVE-2009-0036)
After installing the update, libvirtd must be restarted manually (for
example, by issuing a "service libvirtd restart" command) for this
change to take effect.
SL 5.x
SRPMS:
libvirt-0.3.3-14.el5_3.1.src.rpm
i386:
libvirt-0.3.3-14.el5_3.1.i386.rpm
libvirt-devel-0.3.3-14.el5_3.1.i386.rpm
libvirt-python-0.3.3-14.el5_3.1.i386.rpm
x86_64:
libvirt-0.3.3-14.el5_3.1.i386.rpm
libvirt-0.3.3-14.el5_3.1.x86_64.rpm
libvirt-devel-0.3.3-14.el5_3.1.i386.rpm
libvirt-devel-0.3.3-14.el5_3.1.x86_64.rpm
libvirt-python-0.3.3-14.el5_3.1.x86_64.rpm
-Connie Sieh
-Troy Dawson
|
|
|