Libvirt Security Notice: LSN-2014-0008

deadlock or segfault in virConnectGetAllDomainStats

Lifecycle

Reported on: 20141127
Published on: 20141205
Fixed on: 20141211

Credits

Reported by: Martin Kletzander
Patched by: Martin Kletzander
Francesco Romani

See also

Description

When using fine-grained ACLs to restrict users from accessing all domains, a logic bug in the qemu implementation of virConnectGetAllDomainStats could result in incorrect lock management of the next domain inspected after a domain that was skipped due to ACL restrictions.

Impact

A restricted client can trigger a denial of service against a more privileged user when libvirtd goes into deadlock when trying to lock an incorrectly locked domain, or crashes when trying to unlock a domain that was not locked.

Workaround

Stop use of the fine grained access control mechanism, or stop trying to use access control to restrict the set of domains that an authorized client can see.

Affected product: libvirt

Branch master
Broken in: v1.2.8
Broken in: v1.2.9
Broken in: v1.2.10
Fixed in: v1.2.11
Broken by: d1bde8eda3b4027b38c7c1d5942a6388b0458803
Broken by: 1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685
Fixed by: 57023c0a3af4af1c547189c1f6712ed5edeb0c0b
Fixed by: cb104ef734dfea12cb8826dba7e2c98912c4b7e1
Branch v1.2.8-maint
Broken by: d1bde8eda3b4027b38c7c1d5942a6388b0458803
Broken by: 1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685
Fixed by: 27431ec96e617f186bd3f5900aeb7d622770533a
Branch v1.2.9-maint
Broken in: v1.2.9.1
Fixed in: v1.2.9.2
Broken by: d1bde8eda3b4027b38c7c1d5942a6388b0458803
Broken by: 1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685
Fixed by: 5d8bee6d57cddf462912ad2fc544c8a57b1c2841
Fixed by: dfbdea7ea8fa36d9f27942c5b2882acfd86a3c3b
Branch v1.2.10-maint
Broken by: d1bde8eda3b4027b38c7c1d5942a6388b0458803
Broken by: 1f4831ee6ecc17d0f2008d7db15bfd9bc3b1d685
Fixed by: a20e818cb3f46d2dce586327dcc49ffcd82d94cb
Fixed by: a9638ae975a1c784d958e3fb2f0aab36b3ebddeb

Alternative formats: [xml] [text]