libvirt-0.10.2-64.0.1.AXS4
エラータID: AXSA:2018-3226:03
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.
Security Fix(es):
* libvirt: Resource exhaustion via qemuMonitorIORead() method (CVE-2018-5748)
* libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent (CVE-2018-1064)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
The CVE-2018-5748 issue was discovered by Daniel P. Berrange (Asianux) and Peter Krempa (Asianux), and the CVE-2018-1064 issue was discovered by Daniel P. Berrange (Asianux).
Additional Changes:
For detailed information on changes in this release, see the Asianux Server 4.10 Release Notes and Asianux Server 4.10 Technical Notes linked from the References section.
CVE-2018-1064
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.
CVE-2018-5748
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
Update packages.
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
N/A
SRPMS
- libvirt-0.10.2-64.0.1.AXS4.src.rpm
MD5: b00d6c3ae08ade3d6bd90d764a884d38
SHA-256: 3bb3a825122c6b4583c5808719cd25531c43e423728b4a21d3b7823837c6146d
Size: 22.43 MB
Asianux Server 4 for x86
- libvirt-0.10.2-64.0.1.AXS4.i686.rpm
MD5: 84b701c362a12efe1206437c30474861
SHA-256: 9da989df08466e27f96e09885fe61cc896c28c107f28c58f44b1d8ece3430ef9
Size: 2.15 MB - libvirt-client-0.10.2-64.0.1.AXS4.i686.rpm
MD5: 33115a1ec9784e2aa285b68da9988c16
SHA-256: a0d5192ad13e742d5205de380e33d2a9f9a06049619025396c83dd7a92c9456a
Size: 4.06 MB - libvirt-devel-0.10.2-64.0.1.AXS4.i686.rpm
MD5: d9352c6a079c65d4aca88b0c3bee82b5
SHA-256: d501aa1cdbd898daad8669566ca5854e544a7a2054e30029bf9039907cc387ba
Size: 440.68 kB - libvirt-python-0.10.2-64.0.1.AXS4.i686.rpm
MD5: 75291be22089ab757cfcf3798dbbc230
SHA-256: de575cc7bb1660d5194275a0abacd6f2580e7420faea94617c3958ebc3107c36
Size: 505.25 kB
Asianux Server 4 for x86_64
- libvirt-0.10.2-64.0.1.AXS4.x86_64.rpm
MD5: 8638b18b55845f8a76e7dea1cf1155a8
SHA-256: 182c40539b93f99cc48c90427b457a0c51968ef77c555a5726e79dffc38cedc0
Size: 2.43 MB - libvirt-client-0.10.2-64.0.1.AXS4.x86_64.rpm
MD5: 34e3c91688ba462adc7f9ca10fbff308
SHA-256: 3f1c2203d0e024c443633dfabccbb82863d4d745b7c2222e529731f62511935e
Size: 4.08 MB - libvirt-devel-0.10.2-64.0.1.AXS4.x86_64.rpm
MD5: 6250979826ba525a43841d6c39b0e2e5
SHA-256: c9425ee623d59b1cb1afef3b8cab69a89bddeea2f45e524140ec282b6bfc3e92
Size: 440.25 kB - libvirt-python-0.10.2-64.0.1.AXS4.x86_64.rpm
MD5: 0e87e25fb0bc645a475cf16a1b5e368b
SHA-256: 70b9468b002c50a10fe13416166b25d9feb0679c90d47ce85cfc450a0362d08e
Size: 504.83 kB - libvirt-client-0.10.2-64.0.1.AXS4.i686.rpm
MD5: 33115a1ec9784e2aa285b68da9988c16
SHA-256: a0d5192ad13e742d5205de380e33d2a9f9a06049619025396c83dd7a92c9456a
Size: 4.06 MB - libvirt-devel-0.10.2-64.0.1.AXS4.i686.rpm
MD5: d9352c6a079c65d4aca88b0c3bee82b5
SHA-256: d501aa1cdbd898daad8669566ca5854e544a7a2054e30029bf9039907cc387ba
Size: 440.68 kB