diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-10-22 14:58:56 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-10-22 14:58:56 +0900 |
commit | 4204309872da5cb401cbb2729d9e2d4869a87f42 (patch) | |
tree | c7415e8600205e40ff7e91e8e5f4c411f30329f2 /external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch | |
parent | 5b80bfd7bffd4c20d80b7c70a7130529e9a755dd (diff) |
agl-basesystem 0.1sandbox/ToshikazuOhiwa/master
Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch')
-rw-r--r-- | external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch | 43 |
1 files changed, 43 insertions, 0 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch new file mode 100644 index 00000000..12ab5436 --- /dev/null +++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10166.patch @@ -0,0 +1,43 @@ +From 6da721ea37bf3624ff9922637cfa657d2dcb20f9 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com> +Date: Fri, 14 Jun 2019 09:14:53 +0200 +Subject: [PATCH 09/11] api: disallow virDomainManagedSaveDefineXML on + read-only connections +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The virDomainManagedSaveDefineXML can be used to alter the domain's +config used for managedsave or even execute arbitrary emulator binaries. +Forbid it on read-only connections. + +Fixes: CVE-2019-10166 +Reported-by: Matthias Gerstner <mgerstner@suse.de> +Signed-off-by: Ján Tomko <jtomko@redhat.com> +Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> +(cherry picked from commit db0b78457f183e4c7ac45bc94de86044a1e2056a) +Signed-off-by: Ján Tomko <jtomko@redhat.com> + +Upstream-Status: Backport +CVE: CVE-2019-10166 +Signed-off-by: Armin Kuster <akuster@mvista.com> + +--- + src/libvirt-domain.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c +index 270e10e..5c764aa 100644 +--- a/src/libvirt-domain.c ++++ b/src/libvirt-domain.c +@@ -9482,6 +9482,7 @@ virDomainManagedSaveDefineXML(virDomainPtr domain, const char *dxml, + + virCheckDomainReturn(domain, -1); + conn = domain->conn; ++ virCheckReadOnlyGoto(conn->flags, error); + + if (conn->driver->domainManagedSaveDefineXML) { + int ret; +-- +2.7.4 + |