libvirt-10.0.0-6.2.el9.ML.1
エラータID: AXSA:2024-8065:03
リリース日:
2024/05/31 Friday - 17:09
題名:
libvirt-10.0.0-6.2.el9.ML.1
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libvirt の udevListInterfacesByStatus() 関数には、
オフバイワンエラーの問題があるため、ローカルの
攻撃者により、巧妙に細工されたデータの送信を
介して、サービス拒否攻撃 (クラッシュの発生) を
可能とする脆弱性が存在します。
(CVE-2024-1441)
- libvirt の RPC ライブラリの逆シリアル化処理には、
負数のチェック処理前にメモリ領域を確保してしまう
問題があるため、ローカルの攻撃者により、サービス
拒否攻撃 (libvirtd のクラッシュの発生) を可能とする
脆弱性が存在します。(CVE-2024-2494)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-1441
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size of the `names` array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of service attack by causing the libvirt daemon to crash.
CVE-2024-2494
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negative length being treated as a huge positive number. This flaw allows a local, unprivileged user to perform a denial of service attack by causing the libvirt daemon to crash.
CVE-2024-2496
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.
追加情報:
N/A
ダウンロード:
SRPMS
- libvirt-10.0.0-6.2.el9.ML.1.src.rpm
MD5: 0717093b9f24db0c93865d90a08fd94a
SHA-256: e5811893acc18c147c5be9d403036b4ca274a1396a3ac21ed292649086d00796
Size: 9.13 MB
Asianux Server 9 for x86_64
- libvirt-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: f336bba91bd2d5d07bdfc8a96db44c70
SHA-256: 34ef2bf48795980da944c79dcfd1d55192a067d4ab7a407923956ef886f26a90
Size: 26.20 kB - libvirt-client-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 78496c2a3241213c3a08f0e085e30d04
SHA-256: 31070d96480d8a4af0f449a34afb951fb569ebb6c266fddc13ab91ff1499be4b
Size: 435.75 kB - libvirt-client-qemu-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: adf734ab80e0e9de1a852b6a6603792a
SHA-256: 55a22926cd9fdcd87e26703b51b5bbcf18135473f1ba27423dde5b2848093b8c
Size: 46.67 kB - libvirt-daemon-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 92241e6d4a864b032c411f3b4e093c05
SHA-256: 62497e83b6d7a90b079f8bb37600ad7716c7b5527d2998f9649bad06b97daa5c
Size: 213.18 kB - libvirt-daemon-common-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 5b285a836a7bcb79c96ac9dad381922b
SHA-256: 54a8391bdde550048c7b553d9e4911a865fd846cee092bd34dfa498aad334334
Size: 133.70 kB - libvirt-daemon-config-network-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 0be28717b7d745d727f1a7f898d02a76
SHA-256: 2e8c2d4bfa9e6d65bdfbfdda2a48d9caad94ec57ff3b169f34f33ab048749131
Size: 28.57 kB - libvirt-daemon-config-nwfilter-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: eaca29afdf5979f3c09eea98cceedb21
SHA-256: 4e44dea1733a702926935bb20dd474ef1928a5e55c71c31f8f0acaf94733a7a3
Size: 34.30 kB - libvirt-daemon-driver-interface-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 0b22bc612aebd8b167723e1d462a02ee
SHA-256: 8cbebeb6b70ef73ae44a79ff3c9f9142a08e0f92c43be1dd7c897a35e7946a59
Size: 218.79 kB - libvirt-daemon-driver-network-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 9b8614f00e9c2cc29829522012ad916d
SHA-256: 2365ae0b7ee9717c70a6285ed1454c0936fc8360ff9a158b50fb378180306c56
Size: 257.72 kB - libvirt-daemon-driver-nodedev-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: fb03319fd1e3fb4cc6f0402f75491b3e
SHA-256: dd94639106f227570b507d506ed90803cb497f11226c4c724f249a6043f84140
Size: 239.54 kB - libvirt-daemon-driver-nwfilter-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: adbd4b4aa1cecf499d9aa5864fb2bf26
SHA-256: 4068a011aca69c70ca450d479d2c10648eaed460677fea7eac448ffe1b3be725
Size: 254.91 kB - libvirt-daemon-driver-qemu-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 45d7f83864947f05d3531308a1689f8c
SHA-256: 0a193737018fe8fc3cf7a94265a2ecad30ab2645063603be8f3982bac691985e
Size: 970.80 kB - libvirt-daemon-driver-secret-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 4549a149312e7ffbfeb0f05444ca77a3
SHA-256: 3b4fcdbc0bbb178ea004cab3712405edb438d5469d00b1e14f3f589b96e84d62
Size: 215.54 kB - libvirt-daemon-driver-storage-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 658cc1edae4816e886b66a194af8f0bf
SHA-256: 17cc411f13c4dca5573d9a28e2b24f3289b0d8652c812ed7dc7969626e5ca34e
Size: 25.88 kB - libvirt-daemon-driver-storage-core-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 14c1c978f2716454827e5519bfa46c67
SHA-256: eb79fcf84a53c4d4cea01c806aca47de2f629d26481d55b230a3fbd561252447
Size: 274.22 kB - libvirt-daemon-driver-storage-disk-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 781765c89a12b34feb168cc765c182fa
SHA-256: becef7cfd873c4cbcbc854a174f1cb994bf063981896f16541a3dce1a0cbaf2d
Size: 37.14 kB - libvirt-daemon-driver-storage-iscsi-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 9ff5c94fe90a800a00da382b97dca747
SHA-256: 9c968d8080c7f41c3326544e6f9192bcb3ebc87df53231012ec60980f602da7b
Size: 34.26 kB - libvirt-daemon-driver-storage-logical-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 5981d17edf9605d8966f13b2bf44b25f
SHA-256: 24c7e532fab305f19941cefbab5af88ab4d67832fd1b69dd9774086166f9280f
Size: 38.25 kB - libvirt-daemon-driver-storage-mpath-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 0d3202474247757176e016446924bfe8
SHA-256: 9a27e9d46ab918146b6d7b1ab2ea7565f2c23374c20cf62eb865a692a748ee70
Size: 31.60 kB - libvirt-daemon-driver-storage-rbd-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: af6d37fe3e1088003857f168cb9a31dc
SHA-256: 44684ec6bd3ec94dfca883c7d50aa378eb165e2891efda80cd2f13ff28c5679c
Size: 42.41 kB - libvirt-daemon-driver-storage-scsi-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: c05e26c09b8d0cca9bc702d6abb61656
SHA-256: b1df9487bd9d16ad79dac05557ca31e273e8403bfde5ac7df6cdc7f6817cdefe
Size: 34.00 kB - libvirt-daemon-kvm-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: f65030d761be71d698ee0e4db85f677e
SHA-256: d90b71b42ffea6f9e675d51098acfbe7a3ea4d4e03573f1a10e5cd18bbfc941d
Size: 26.09 kB - libvirt-daemon-lock-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 61c47b2f0773da8b2ae40871168765ef
SHA-256: 30b6f2953474fcbb151f9c1efe2a6cc1eb9bff2c9bdaf148b9fdaa08c929205f
Size: 63.71 kB - libvirt-daemon-log-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: e7c6dcd2835501c2295f22aa33e3963d
SHA-256: 3fe331495a4a56291e57753ea58ebc1a1150361312bf812a6f39c7938781b151
Size: 67.82 kB - libvirt-daemon-plugin-lockd-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: ed976dc08c515719a3f00a9b70bc6492
SHA-256: 73373f44be50dc82916235d9fcb32af3d2cd9975e9c0d668eca156ac9f3067b2
Size: 37.43 kB - libvirt-daemon-plugin-sanlock-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: e96920658cd26d506f8bf18eebcc100f
SHA-256: c828ced0c7efa380758398b4596e8c0090b73ee4378eb2d694bf6d2bc9440ba7
Size: 48.64 kB - libvirt-daemon-proxy-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 1b16b30e3ed2342eb49845641f6e9006
SHA-256: 11e4b29f0ced9dc7fd3b7c6ade1df52e7e016ec3bcddb79ff6ab415349df0712
Size: 210.53 kB - libvirt-devel-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 336d843df01d7853621eb7e6d77a4de9
SHA-256: 3bf8c0cda4f586ef4552286d887964cc86cd9b0b34db54cf8b86c432c1381cde
Size: 202.07 kB - libvirt-docs-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: e2b7b92340b8f163f07f193f87d2b93b
SHA-256: 77ec21a0776c86b92f6bba9b6fe0dc4a6d610758e836bf19680709cb28ba002d
Size: 1.83 MB - libvirt-libs-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 56bb7cf5abe2415c9fcfa0c0221bc43a
SHA-256: 703ce81a887a9d1922e41f18b724d352519624f1ef662138c5dc1d26544d4dba
Size: 4.91 MB - libvirt-nss-10.0.0-6.2.el9.ML.1.x86_64.rpm
MD5: 204d54ed2ec0d7e5d7f9d495d81c0de2
SHA-256: f0a6609139960e5d774ccb2c82399e09fee9ea282e619caecce5148197985e36
Size: 37.17 kB