SB2020031934 - Denial of service in libvirt
Published: March 19, 2020 Updated: May 23, 2020
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Resource management error (CVE-ID: CVE-2019-20485)
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources with the qemu/qemu_driver.c in libvirt while holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
2) Resource management error (CVE-ID: CVE-2020-10703)
The vulnerability allows a remote user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper management of internal resources with the application when performing pool lookups within the storagePoolLookupByTargetPath() function in storage/storage_driver.c. A remote user can create a pool with empty target path and then perform search for an empty target, which results in libvirt crash.
Remediation
Install update from vendor's website.
References
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953078
- https://bugzilla.redhat.com/show_bug.cgi?id=1809740
- https://libvirt.org/git/?p=libvirt.git;a=commit;h=a663a860819287e041c3de672aad1d8543098ecc
- https://security-tracker.debian.org/tracker/CVE-2019-20485
- https://www.mail-archive.com/debian-bugs-dist@lists.debian.org/msg1730509.html
- https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=dfff16a7c261f8d28e3abe60a47165f845fa952f;hp=7a7d36055ce7c161e9309c7bad7f8e61be31c5b8
- https://bugzilla.redhat.com/show_bug.cgi?id=1790725