Diffstat (limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch')
-rw-r--r-- | external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
new file mode 100644
index 00000000..576f46c7
--- /dev/null
+++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10167.patch
@@ -0,0 +1,41 @@
+From 5441f05a42a90779b0df86518286bf527e94aafb Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?J=C3=A1n=20Tomko?= <jtomko@redhat.com>
+Date: Fri, 14 Jun 2019 09:16:14 +0200
+Subject: [PATCH 10/11] api: disallow virConnectGetDomainCapabilities on
+ read-only connections
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+This API can be used to execute arbitrary emulators.
+Forbid it on read-only connections.
+
+Fixes: CVE-2019-10167
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 8afa68bac0cf99d1f8aaa6566685c43c22622f26)
+Signed-off-by: Ján Tomko <jtomko@redhat.com>
+
+Upstream-Status: Backport
+CVE: CVE-2019-10167
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ src/libvirt-domain.c | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/libvirt-domain.c b/src/libvirt-domain.c
+index 5c764aa..9862a5d 100644
+--- a/src/libvirt-domain.c
++++ b/src/libvirt-domain.c
+@@ -11274,6 +11274,7 @@ virConnectGetDomainCapabilities(virConnectPtr conn,
+ virResetLastError();
+
+ virCheckConnectReturn(conn, NULL);
++ virCheckReadOnlyGoto(conn->flags, error);
+
+ if (conn->driver->connectGetDomainCapabilities) {
+ char *ret;
+--
+2.7.4
+ |
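Review bot: Nothing in this view shows the libvirt recipe listing `file://CVE-2019-10167.patch` in `SRC_URI`, and without that entry the added `virCheckReadOnlyGoto(conn->flags, error);` never reaches the built library. The diffstat is limited to the patch file, so the recipe change may exist elsewhere in the commit and should be confirmed there. The embedded subject marks this as patch 10 of 11, so it is worth checking whether the other read-only-connection fixes in that series also apply to the packaged version and are carried alongside it. The `error` label the new check jumps to lies outside the embedded hunk, as does the rest of `virConnectGetDomainCapabilities`, so confirm the backport applies cleanly to the recipe's libvirt source rather than with fuzz.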