(RHSA-2019:1762) Important: virt:8.0.0 security update

2019-07-1115:06:35

access.redhat.com

0.0004 Low

EPSS

Percentile

14.4%

JSON

The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products.

Security Fix(es):

libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API (CVE-2019-10161)
libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients (CVE-2019-10166)
libvirt: arbitrary command execution via virConnectGetDomainCapabilities API (CVE-2019-10167)
libvirt: arbitrary command execution via virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU APIs (CVE-2019-10168)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHatanyppc64lelibvirt-devel< 5.0.0-7.2.module+el8.0.0.z+3438+2851622elibvirt-devel-5.0.0-7.2.module+el8.0.0.z+3438+2851622e.ppc64le.rpm
RedHatanys390xlibguestfs-tools-c-debuginfo< 1.40.2-1.module+el8.0.0.z+3438+2851622elibguestfs-tools-c-debuginfo-1.40.2-1.module+el8.0.0.z+3438+2851622e.s390x.rpm
RedHatanyx86_64qemu-kvm-block-ssh< 3.1.0-20.module+el8.0.0.z+3438+2851622e.1qemu-kvm-block-ssh-3.1.0-20.module+el8.0.0.z+3438+2851622e.1.x86_64.rpm
RedHatanys390xlibiscsi-devel< 1.18.0-6.module+el8.0.0.z+3438+2851622elibiscsi-devel-1.18.0-6.module+el8.0.0.z+3438+2851622e.s390x.rpm
RedHatanyaarch64qemu-kvm-common-debuginfo< 3.1.0-20.module+el8.0.0.z+3438+2851622e.1qemu-kvm-common-debuginfo-3.1.0-20.module+el8.0.0.z+3438+2851622e.1.aarch64.rpm
RedHatanynoarchlibguestfs-bash-completion< 1.40.2-1.module+el8.0.0.z+3438+2851622elibguestfs-bash-completion-1.40.2-1.module+el8.0.0.z+3438+2851622e.noarch.rpm
RedHatanyppc64lelibguestfs-xfs< 1.40.2-1.module+el8.0.0.z+3438+2851622elibguestfs-xfs-1.40.2-1.module+el8.0.0.z+3438+2851622e.ppc64le.rpm
RedHatanyx86_64python3-libvirt< 5.0.0-3.module+el8.0.0.z+3438+2851622epython3-libvirt-5.0.0-3.module+el8.0.0.z+3438+2851622e.x86_64.rpm
RedHatanyaarch64qemu-kvm-block-rbd-debuginfo< 3.1.0-20.module+el8.0.0.z+3438+2851622e.1qemu-kvm-block-rbd-debuginfo-3.1.0-20.module+el8.0.0.z+3438+2851622e.1.aarch64.rpm
RedHatanyaarch64libvirt-daemon-driver-interface-debuginfo< 5.0.0-7.2.module+el8.0.0.z+3438+2851622elibvirt-daemon-driver-interface-debuginfo-5.0.0-7.2.module+el8.0.0.z+3438+2851622e.aarch64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	any	ppc64le	libvirt-devel	< 5.0.0-7.2.module+el8.0.0.z+3438+2851622e	libvirt-devel-5.0.0-7.2.module+el8.0.0.z+3438+2851622e.ppc64le.rpm
RedHat	any	s390x	libguestfs-tools-c-debuginfo	< 1.40.2-1.module+el8.0.0.z+3438+2851622e	libguestfs-tools-c-debuginfo-1.40.2-1.module+el8.0.0.z+3438+2851622e.s390x.rpm
RedHat	any	x86_64	qemu-kvm-block-ssh	< 3.1.0-20.module+el8.0.0.z+3438+2851622e.1	qemu-kvm-block-ssh-3.1.0-20.module+el8.0.0.z+3438+2851622e.1.x86_64.rpm
RedHat	any	s390x	libiscsi-devel	< 1.18.0-6.module+el8.0.0.z+3438+2851622e	libiscsi-devel-1.18.0-6.module+el8.0.0.z+3438+2851622e.s390x.rpm
RedHat	any	aarch64	qemu-kvm-common-debuginfo	< 3.1.0-20.module+el8.0.0.z+3438+2851622e.1	qemu-kvm-common-debuginfo-3.1.0-20.module+el8.0.0.z+3438+2851622e.1.aarch64.rpm
RedHat	any	noarch	libguestfs-bash-completion	< 1.40.2-1.module+el8.0.0.z+3438+2851622e	libguestfs-bash-completion-1.40.2-1.module+el8.0.0.z+3438+2851622e.noarch.rpm
RedHat	any	ppc64le	libguestfs-xfs	< 1.40.2-1.module+el8.0.0.z+3438+2851622e	libguestfs-xfs-1.40.2-1.module+el8.0.0.z+3438+2851622e.ppc64le.rpm
RedHat	any	x86_64	python3-libvirt	< 5.0.0-3.module+el8.0.0.z+3438+2851622e	python3-libvirt-5.0.0-3.module+el8.0.0.z+3438+2851622e.x86_64.rpm
RedHat	any	aarch64	qemu-kvm-block-rbd-debuginfo	< 3.1.0-20.module+el8.0.0.z+3438+2851622e.1	qemu-kvm-block-rbd-debuginfo-3.1.0-20.module+el8.0.0.z+3438+2851622e.1.aarch64.rpm
RedHat	any	aarch64	libvirt-daemon-driver-interface-debuginfo	< 5.0.0-7.2.module+el8.0.0.z+3438+2851622e	libvirt-daemon-driver-interface-debuginfo-5.0.0-7.2.module+el8.0.0.z+3438+2851622e.aarch64.rpm