From 4204309872da5cb401cbb2729d9e2d4869a87f42 Mon Sep 17 00:00:00 2001
From: takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp>
Date: Thu, 22 Oct 2020 14:58:56 +0900
Subject: agl-basesystem 0.1

---
 .../libvirt/libvirt/CVE-2019-10132_p1.patch        | 63 ++++++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch

(limited to 'external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch')

diff --git a/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
new file mode 100644
index 00000000..11c1c5df
--- /dev/null
+++ b/external/meta-virtualization/recipes-extended/libvirt/libvirt/CVE-2019-10132_p1.patch
@@ -0,0 +1,63 @@
+From dfd22fc50f8f268b9810d2ef21adada021f740eb Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
+Date: Tue, 30 Apr 2019 17:26:13 +0100
+Subject: [PATCH 05/11] admin: reject clients unless their UID matches the
+ current UID
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+The admin protocol RPC messages are only intended for use by the user
+running the daemon. As such they should not be allowed for any client
+UID that does not match the server UID.
+
+Fixes CVE-2019-10132
+
+Reviewed-by: Ján Tomko <jtomko@redhat.com>
+Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
+(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7)
+
+Upstream-Status: Backport
+CVE: CVE-2019-10132
+Signed-off-by: Armin Kuster <akuster@mvista.com>
+
+---
+ src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++
+ 1 file changed, 22 insertions(+)
+
+diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c
+index b78ff90..9f25813 100644
+--- a/src/admin/admin_server_dispatch.c
++++ b/src/admin/admin_server_dispatch.c
+@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED,
+                    void *opaque)
+ {
+     struct daemonAdmClientPrivate *priv;
++    uid_t clientuid;
++    gid_t clientgid;
++    pid_t clientpid;
++    unsigned long long timestamp;
++
++    if (virNetServerClientGetUNIXIdentity(client,
++                                          &clientuid,
++                                          &clientgid,
++                                          &clientpid,
++                                          &timestamp) < 0)
++        return NULL;
++
++    VIR_DEBUG("New client pid %lld uid %lld",
++              (long long)clientpid,
++              (long long)clientuid);
++
++    if (geteuid() != clientuid) {
++        virReportRestrictedError(_("Disallowing client %lld with uid %lld"),
++                                 (long long)clientpid,
++                                 (long long)clientuid);
++        return NULL;
++    }
+ 
+     if (VIR_ALLOC(priv) < 0)
+         return NULL;
+-- 
+2.7.4
+
-- 
cgit 1.2.3-korg