diff options
Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch')
| -rw-r--r-- | external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch | 63 |
1 files changed, 0 insertions, 63 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch deleted file mode 100644 index 11c1c5df..00000000 --- a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch +++ /dev/null @@ -1,63 +0,0 @@ -From dfd22fc50f8f268b9810d2ef21adada021f740eb Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com> -Date: Tue, 30 Apr 2019 17:26:13 +0100 -Subject: [PATCH 05/11] admin: reject clients unless their UID matches the - current UID -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The admin protocol RPC messages are only intended for use by the user -running the daemon. As such they should not be allowed for any client -UID that does not match the server UID. - -Fixes CVE-2019-10132 - -Reviewed-by: Ján Tomko <jtomko@redhat.com> -Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> -(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7) - -Upstream-Status: Backport -CVE: CVE-2019-10132 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++ - 1 file changed, 22 insertions(+) - -diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c -index b78ff90..9f25813 100644 ---- a/src/admin/admin_server_dispatch.c -+++ b/src/admin/admin_server_dispatch.c -@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED, - void *opaque) - { - struct daemonAdmClientPrivate *priv; -+ uid_t clientuid; -+ gid_t clientgid; -+ pid_t clientpid; -+ unsigned long long timestamp; -+ -+ if (virNetServerClientGetUNIXIdentity(client, -+ &clientuid, -+ &clientgid, -+ &clientpid, -+ ×tamp) < 0) -+ return NULL; -+ -+ VIR_DEBUG("New client pid %lld uid %lld", -+ (long long)clientpid, -+ (long long)clientuid); -+ -+ if (geteuid() != clientuid) { -+ virReportRestrictedError(_("Disallowing client %lld with uid %lld"), -+ (long long)clientpid, -+ (long long)clientuid); -+ return NULL; -+ } - - if (VIR_ALLOC(priv) < 0) - return NULL; --- -2.7.4 - |