Libvirt Security Notice: LSN-2019-0002
======================================

Summary: Crash after running guest agent command to fetch interfaces
Reported on: 20190102
Published on: 20190104
Fixed on: 20190104
Reported by: Gordon Watson
Patched by: Ján Tomko
See also: CVE-2019-3840

Description
-----------

If the guest agent does not reply to the command for listing interfaces, libvirt will dereference a NULL pointer while trying to parse a reply that doesn't exist.

Impact
------

A malicious QEMU guest agent can trigger a crash in the libvirtd daemon when the host admin queries guest interfaces.

Workaround
----------

Avoid querying the guest network interfaces, or disable use of the QEMU guest agent in trusted guests.

Affected product
----------------

Name: libvirt
Repository: https://gitlab.com/libvirt/libvirt

Branch: master
Broken in: v1.2.14
Broken in: v1.2.15
Broken in: v1.2.16
Broken in: v1.2.17
Broken in: v1.2.18
Broken in: v1.2.19
Broken in: v1.2.20
Broken in: v1.2.21
Broken in: v1.3.0
Broken in: v1.3.1
Broken in: v1.3.2
Broken in: v1.3.3
Broken in: v1.3.4
Broken in: v1.3.5
Broken in: v2.0.0
Broken in: v2.1.0
Broken in: v2.2.0
Broken in: v2.3.0
Broken in: v2.4.0
Broken in: v2.5.0
Broken in: v3.0.0
Broken in: v3.1.0
Broken in: v3.2.0
Broken in: v3.3.0
Broken in: v3.4.0
Broken in: v3.5.0
Broken in: v3.6.0
Broken in: v3.7.0
Broken in: v3.8.0
Broken in: v3.9.0
Broken in: v3.10.0
Broken in: v4.0.0
Broken in: v4.1.0
Broken in: v4.2.0
Broken in: v4.3.0
Broken in: v4.4.0
Broken in: v4.5.0
Broken in: v4.6.0
Broken in: v4.7.0
Broken in: v4.8.0
Broken in: v4.9.0
Broken in: v4.10.0
Fixed in: v5.0.0
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520
Fixed by: 7cfd1fbb1332ae5df678b9f41a62156cb2e88c73

Branch: v1.2.14-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.15-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.16-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.17-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.18-maint
Broken in: v1.2.18.1
Broken in: v1.2.18.2
Broken in: v1.2.18.3
Broken in: v1.2.18.4
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.19-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.20-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.2.21-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.3.0-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.3.1-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.3.2-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.3.3-maint
Broken in: v1.3.3.1
Broken in: v1.3.3.2
Broken in: v1.3.3.3
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.3.4-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v1.3.5-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v2.0-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v2.1-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v2.2-maint
Broken in: v2.2.1
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v3.0-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v3.2-maint
Broken in: v3.2.1
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v3.7-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v4.1-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520

Branch: v4.5-maint
Broken by: 0977b8aa071de550e1a013d35e2c72615e65d520
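
The failure mode from the Description, shown as an unchecked caller beside a hardened one. This is an added example, not libvirt's code: agent_command, count_names, the two list_interfaces_* functions and the comma-separated reply format are hypothetical stand-ins for the agent round trip and the reply parser.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical agent round trip. agent_output is what the untrusted guest
 * agent sent back, or NULL if it never answered. With need_reply == 0 a
 * missing answer is still reported as success. */
static int agent_command(const char *agent_output, int need_reply,
                         const char **reply)
{
    *reply = agent_output;
    if (agent_output == NULL && need_reply)
        return -1;              /* a missing reply is an error */
    return 0;
}

/* Counts comma-separated interface names; dereferences reply. */
static int count_names(const char *reply)
{
    int n = (*reply != '\0');
    for (; *reply; reply++)
        if (*reply == ',')
            n++;
    return n;
}

/* Vulnerable shape: command success is taken to mean a reply exists. */
int list_interfaces_unchecked(const char *agent_output)
{
    const char *reply;
    if (agent_command(agent_output, 0, &reply) < 0)
        return -1;
    return count_names(reply);  /* NULL dereference when the agent is silent */
}

/* Hardened shape: demand a reply and validate the pointer before parsing. */
int list_interfaces_checked(const char *agent_output)
{
    const char *reply;
    if (agent_command(agent_output, 1, &reply) < 0 || reply == NULL)
        return -1;              /* caller gets an error, daemon keeps running */
    return count_names(reply);
}

int main(void)
{
    printf("valid reply:  %d\n", list_interfaces_checked("lo,eth0"));
    printf("silent agent: %d\n", list_interfaces_checked(NULL));
    return 0;
}
```

The hardened function turns a silent agent into an ordinary error return, so a guest that withholds its reply costs the host one failed query rather than the daemon process.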