diff options
| author |   takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-10-22 14:58:56 +0900 |
|---|---|---|
| committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-10-22 14:58:56 +0900 |
| commit | 4204309872da5cb401cbb2729d9e2d4869a87f42 (patch) | |
| tree | c7415e8600205e40ff7e91e8e5f4c411f30329f2 /external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch | |
| parent | 5b80bfd7bffd4c20d80b7c70a7130529e9a755dd (diff) | |
agl-basesystem 0.1sandbox/ToshikazuOhiwa/master
Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch')
| -rw-r--r-- | external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch new file mode 100644 index 00000000..11c1c5df --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch @@ -0,0 +1,63 @@ +From dfd22fc50f8f268b9810d2ef21adada021f740eb Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> +Date: Tue, 30 Apr 2019 17:26:13 +0100 +Subject: [PATCH 05/11] admin: reject clients unless their UID matches the + current UID +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The admin protocol RPC messages are only intended for use by the user +running the daemon. As such they should not be allowed for any client +UID that does not match the server UID. + +Fixes CVE-2019-10132 + +Reviewed-by: Ján Tomko <jtomko@redhat.com> +Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> +(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7) + +Upstream-Status: Backport +CVE: CVE-2019-10132 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++ + 1 file changed, 22 insertions(+) + +diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c +index b78ff90..9f25813 100644 +--- a/src/admin/admin_server_dispatch.c ++++ b/src/admin/admin_server_dispatch.c +@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED, + void *opaque) + { + struct daemonAdmClientPrivate *priv; ++ uid_t clientuid; ++ gid_t clientgid; ++ pid_t clientpid; ++ unsigned long long timestamp; ++ ++ if (virNetServerClientGetUNIXIdentity(client, ++ &clientuid, ++ &clientgid, ++ &clientpid, ++ ×tamp) < 0) ++ return NULL; ++ ++ VIR_DEBUG("New client pid %lld uid %lld", ++ (long long)clientpid, ++ (long long)clientuid); ++ ++ if (geteuid() != clientuid) { ++ virReportRestrictedError(_("Disallowing client %lld with uid %lld"), ++ (long long)clientpid, ++ (long long)clientuid); ++ return NULL; ++ } + + if (VIR_ALLOC(priv) < 0) + return NULL; +-- +2.7.4 + |