Libvirt Security Notice: LSN-2014-0002

Missing access control check on events

Lifecycle

Reported on: 20140103
Published on: 20140115
Fixed on: 20140115

Credits

Reported by: Eric Blake
Patched by: Eric Blake

See also

Description

The asynchronous events were not filtered based on any permission check prior to being dispatched to the client. This could lead to the client learning about the existence of domains that they are not authorized to see.

Impact

A client can use events to learn of domains that they are not authorized to see. Additionally, the client can use the domain object obtained from the event to attempt other actions on the domain, such as starting or stopping it.
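To make the flaw concrete, the following is an added illustration (not libvirt code and not the patch referenced in this notice) of the two dispatch patterns the description contrasts: a fan-out that delivers every asynchronous event to every subscriber, beside one that applies the same per-object access check used for direct API calls before delivering an event. The client, domain and permission names are constructed for the example.

```python
from dataclasses import dataclass, field

# Constructed model of a connected client and the domains its ACL allows it
# to see (hypothetical; stands in for whatever the real daemon consults).
@dataclass(frozen=True)
class Client:
    name: str
    allowed_domains: frozenset = field(default_factory=frozenset)

# Constructed model of an asynchronous domain lifecycle event.
@dataclass(frozen=True)
class DomainEvent:
    domain: str
    kind: str  # e.g. "started", "stopped"

def acl_permits(client: Client, domain: str) -> bool:
    """Per-object check: may this client know the domain exists at all?"""
    return domain in client.allowed_domains

def dispatch_unfiltered(event: DomainEvent, clients: list[Client]) -> list[str]:
    """Vulnerable pattern: every subscriber receives every event, so a client
    learns of domains it is not authorized to see."""
    return [c.name for c in clients]

def dispatch_filtered(event: DomainEvent, clients: list[Client]) -> list[str]:
    """Hardened pattern: run the same ACL check before delivery, and record
    suppressed deliveries so they can be audited (returned here, logged in
    a real daemon)."""
    delivered = []
    for c in clients:
        if acl_permits(c, event.domain):
            delivered.append(c.name)
    return delivered

def suppressed(event: DomainEvent, clients: list[Client]) -> list[str]:
    """Clients that would have seen the event without the check; useful as an
    audit signal that the filter is doing work."""
    return [c.name for c in clients if not acl_permits(c, event.domain)]

def demo() -> tuple[list[str], list[str], list[str]]:
    # Constructed sample: two clients with disjoint visibility, one event.
    clients = [
        Client("alice", frozenset({"web01"})),
        Client("bob", frozenset({"db01"})),
    ]
    event = DomainEvent(domain="web01", kind="started")
    return (
        dispatch_unfiltered(event, clients),
        dispatch_filtered(event, clients),
        suppressed(event, clients),
    )

if __name__ == "__main__":
    before, after, audit = demo()
    print("unfiltered delivery:", before)
    print("filtered delivery:  ", after)
    print("suppressed (audit): ", audit)
```

The point the example makes is the one in the description: the check that already gates direct lookups of a domain must also gate the event path, otherwise the event channel becomes an unauthenticated side channel for object existence.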

Workaround

Prevent untrusted clients from connecting to libvirtd.

Affected product: libvirt

Branch master
Broken in: v1.1.0
Broken in: v1.1.1
Broken in: v1.1.2
Broken in: v1.1.3
Broken in: v1.1.4
Broken in: v1.2.0
Fixed in: v1.2.1
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: f9f56340539d609cdc2e9d4ab812b9f146c3f100
Branch v1.1.0-maint
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: cdf29d950c247d06aaa69778238d7cc164c05291
Branch v1.1.1-maint
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: 1d0e4fbf9572ad34045a4f9d87601297a5244c38
Branch v1.1.2-maint
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: fb5a3190c6409897744a244c6e0d5e2d52d34b39
Branch v1.1.3-maint
Broken in: v1.1.3.1
Broken in: v1.1.3.2
Fixed in: v1.1.3.3
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: 51afa9a255d7a073373ad4533eff58bd819890e8
Branch v1.1.4-maint
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: 7ccc13599652722d6aa000b61270c0786d610b9e
Branch v1.2.0-maint
Broken by: ed3bac713c3cfc055ef551cbfe92a061084382c3
Fixed by: eb7ec2312ba968c745031c7432b4fd007cd52d3a