Libvirt Security Notice: LSN-2019-0001 ====================================== Summary: virDomainGetHostname and virDomainGetTime don't enforce read-only perms Reported on: 20190403 Published on: 20190403 Fixed on: 20190411 Reported by: Daniel P. Berrangé Patched by: Daniel P. Berrangé See also: CVE-2019-3886 Description ----------- The virDomainGetHostname API does not prevent use on a read only connection. Furthermore the fine grained ACL checking incorrectly validates read permissions instead of write permission. Impact ------ An unprivileged host OS user can connect to the read only libvirt socket and issue API calls that will make QEMU guest agent requests. If the guest OS agent misbehaves (accidentally or maliciously) these requests can block operation of other API calls made against the guest Workaround ---------- Disable the QEMU agent in any VMs whose admin is not trustworthy. Alternative reconfigure the host access control to block use of the readonly libvirtd socket Affected product ---------------- Name: libvirt Repository: https://gitlab.com/libvirt/libvirt Branch: master Broken in: v1.2.5 Broken in: v1.2.6 Broken in: v1.2.7 Broken in: v1.2.8 Broken in: v1.2.9 Broken in: v1.2.10 Broken in: v1.2.11 Broken in: v1.2.12 Broken in: v1.2.13 Broken in: v1.2.14 Broken in: v1.2.15 Broken in: v1.2.16 Broken in: v1.2.17 Broken in: v1.2.18 Broken in: v1.2.19 Broken in: v1.2.20 Broken in: v1.2.21 Broken in: v1.3.0 Broken in: v1.3.1 Broken in: v1.3.2 Broken in: v1.3.3 Broken in: v1.3.4 Broken in: v1.3.5 Broken in: v2.0.0 Broken in: v2.1.0 Broken in: v2.2.0 Broken in: v2.3.0 Broken in: v2.4.0 Broken in: v2.5.0 Broken in: v3.0.0 Broken in: v3.1.0 Broken in: v3.2.0 Broken in: v3.3.0 Broken in: v3.4.0 Broken in: v3.5.0 Broken in: v3.6.0 Broken in: v3.7.0 Broken in: v3.8.0 Broken in: v3.9.0 Broken in: v3.10.0 Broken in: v4.0.0 Broken in: v4.1.0 Broken in: v4.2.0 Broken in: v4.3.0 Broken in: v4.4.0 Broken in: v4.5.0 Broken in: v4.6.0 Broken in: v4.7.0 Broken in: v4.8.0 Broken in: v4.9.0 Broken in: v4.10.0 Broken in: v5.0.0 Broken in: v5.1.0 Broken in: v5.2.0 Fixed in: v5.3.0 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Fixed by: ae076bb40e0e150aef41361b64001138d04d6c60 Fixed by: 2a07c990bd9143d7a0fe8d1b6b7c763c52185240 Branch: v1.2.5-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.6-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.7-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.8-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.9-maint Broken in: v1.2.9.1 Broken in: v1.2.9.2 Broken in: v1.2.9.3 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.10-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.11-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.12-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.13-maint Broken in: v1.2.13.1 Broken in: v1.2.13.2 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.14-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.15-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.16-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.17-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.18-maint Broken in: v1.2.18.1 Broken in: v1.2.18.2 Broken in: v1.2.18.3 Broken in: v1.2.18.4 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.19-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.20-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.2.21-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.3.0-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.3.1-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.3.2-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.3.3-maint Broken in: v1.3.3.1 Broken in: v1.3.3.2 Broken in: v1.3.3.3 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.3.4-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v1.3.5-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v2.0-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v2.1-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v2.2-maint Broken in: v2.2.1 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v3.0-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v3.2-maint Broken in: v3.2.1 Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v3.7-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v4.1-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v4.5-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287 Branch: v5.1.0-maint Broken by: 0abb36938027f3991f3ce5151b31cca9737a1287