| Reported on: | 20160111 |
|---|---|
| Published on: | 20160111 |
| Fixed on: | 20160111 |
| Reported by: | Michal Privoznik |
|---|---|
| Patched by: | Michal Privoznik |
The virDomainGetTime API will talk to a guest agent on some hypervisors like QEMU, and so must be forbidden on read-only connections to libvirt
An unprivileged user on the virtualization host can invoke the virDomainGetTime API which talks to the QEMU guest agent. If this user also has administrative privileges in the guest, they can use a malicious guest agent to inflict a denial of service on libvirt potentially blocking further API calls on that guest for a period of time.
Disable the QEMU agent in any VMs whose admin is not trustworthy. Alternative reconfigure the host access control to block use of the readonly libvirtd socket
| Branch | master |
|---|---|
| Broken in: | v1.2.5 |
| Broken in: | v1.2.6 |
| Broken in: | v1.2.7 |
| Broken in: | v1.2.8 |
| Broken in: | v1.2.9 |
| Broken in: | v1.2.10 |
| Broken in: | v1.2.11 |
| Broken in: | v1.2.12 |
| Broken in: | v1.2.13 |
| Broken in: | v1.2.14 |
| Broken in: | v1.2.15 |
| Broken in: | v1.2.16 |
| Broken in: | v1.2.17 |
| Broken in: | v1.2.18 |
| Broken in: | v1.2.19 |
| Broken in: | v1.2.20 |
| Broken in: | v1.2.21 |
| Broken in: | v1.3.0 |
| Fixed in: | v1.3.1 |
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Fixed by: | 506e9d6c2d4baaf580d489fff0690c0ff2ff588f |
| Branch | v1.2.5-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.6-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.7-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.8-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.9-maint |
|---|---|
| Broken in: | v1.2.9.1 |
| Broken in: | v1.2.9.2 |
| Broken in: | v1.2.9.3 |
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.10-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.11-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.12-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.13-maint |
|---|---|
| Broken in: | v1.2.13.1 |
| Broken in: | v1.2.13.2 |
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.14-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.15-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.16-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.17-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.18-maint |
|---|---|
| Broken in: | v1.2.18.1 |
| Broken in: | v1.2.18.2 |
| Broken in: | v1.2.18.3 |
| Broken in: | v1.2.18.4 |
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.19-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.20-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.2.21-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |
| Branch | v1.3.0-maint |
|---|---|
| Broken by: | 0abb36938027f3991f3ce5151b31cca9737a1287 |