| Reported on: | 20190430 |
|---|---|
| Published on: | 20190421 |
| Fixed on: | 20190421 |
| Reported by: | Daniel P. Berrangé |
|---|---|
| Patched by: | Daniel P. Berrangé |
The virtlockd-admin.socket and virtlogd-admin.socket unit files do not set the SocketMode parameter and thus create a world accessible UNIX domain socket. Furthermore the code fails to validate the identity of clients connecting to these sockets.
An unprivileged user is able to connect to the virtlockd or virtlogd daemons and use the administrative RPC commands to elevate their privileges
Disable the virtlockd-admin.socket and virtlogd-admin.socket units in systemd. Alternative customize them to add SocketMode=0600 locally.
| Branch | master |
|---|---|
| Broken in: | v4.1.0 |
| Broken in: | v4.2.0 |
| Broken in: | v4.3.0 |
| Broken in: | v4.4.0 |
| Broken in: | v4.5.0 |
| Broken in: | v4.6.0 |
| Broken in: | v4.7.0 |
| Broken in: | v4.8.0 |
| Broken in: | v4.9.0 |
| Broken in: | v4.10.0 |
| Broken in: | v5.0.0 |
| Broken in: | v5.1.0 |
| Broken in: | v5.2.0 |
| Broken in: | v5.3.0 |
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7 |
| Fixed by: | f111e09468693909b1f067aa575efdafd9a262a1 |
| Fixed by: | e37bd65f9948c1185456b2cdaa3bd6e875af680f |
| Branch | v4.1-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 39fb5ab3125d1669344bab94ccb71bce814d9ae2 |
| Fixed by: | 41f06e6095e17b61b2af35821d204afc5c34777c |
| Fixed by: | f0e014133104cdb5af5c7d96a7aa6dc0f1bbb03c |
| Branch | v4.2-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 9bef445981a244622bfd64086d91016868656978 |
| Fixed by: | 63095b01eb9d9629c34a8a7c8a4b5ffd611b51c3 |
| Fixed by: | f845754de1b44375879bae4937acfb5d0965ac08 |
| Branch | v4.3-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | acf17630336568984e3e00d356fd75cdf2b1f09c |
| Fixed by: | 93d9f05684c818fb5eab9ffef7a4f9f9adbd7d02 |
| Fixed by: | 59fe946efccc1fe28a734a91de27550ece9467d5 |
| Branch | v4.4-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | ebc49c1dff2fc1999963dd225c3f9a7beb90e87b |
| Fixed by: | 13d340b328ad2d567f2878cfeedacd114a9172a7 |
| Fixed by: | faac7d474ad696f7e105ba776167f8d18d78d5d7 |
| Branch | v4.5-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | d1017aeee9da6d3db4389141b0f07f0a8204303d |
| Fixed by: | 618358632b6bfe93e46f038656609cf79b471bef |
| Fixed by: | ec58805400e8d394169af2355168bc439586f414 |
| Branch | v4.6-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 99decb0a65227aac7b072f9e1751b75ac50a62a5 |
| Fixed by: | 223167124cf5c056c12d7c174307e490aa5fd2b3 |
| Fixed by: | 0a9c2082e65579ab814fce701e58f91a71a73c11 |
| Branch | v4.7-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | dfd22fc50f8f268b9810d2ef21adada021f740eb |
| Fixed by: | 54005b84b0165b62b2ef88c7df229bddbaa29e76 |
| Fixed by: | 030fdf57255f97289a407529194bf26c77548acb |
| Branch | v4.8-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 4369e90f8cacb24b55a22321923954874c14b44b |
| Fixed by: | 257c5589fe5138fdb36d434162b97599cc470f9b |
| Fixed by: | 5c3dcd0dd416f28520ce3a8fd33222b01c5a33a1 |
| Branch | v4.9-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | b0f788c2d3d9930015258a7df95dde80a498e657 |
| Fixed by: | ea014c9fcf19539c75a7cb6926b14858426746a7 |
| Fixed by: | a474f18dceed61d562508980999e5f2d7445d683 |
| Branch | v4.10-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 8d12118171a250150f2cb16448c49271a1dcb077 |
| Fixed by: | a712f01682078f48d3c258bff8cd523ab9100b0d |
| Fixed by: | f8d8a7a182c0854fa50d3976077b3a3d8de8980f |
| Branch | v5.0-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 78a00c539d271a250c62260bbf2c2594714b7e9b |
| Fixed by: | 5aa8b8d1b118f52bb2209c87482824b3ffac74c2 |
| Fixed by: | be311e1ba9b7ac7f17a0f3d1a34496de50a7b914 |
| Branch | v5.1-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | 44a0bcdb107eb7ac251f9aa5a316f4c161f43542 |
| Fixed by: | 771a7f2fa86a736770c3470f2a0fccd60cce3e9f |
| Fixed by: | 4aa6ce7dad1a0b66afd32f02fa17319762bb12b1 |
| Branch | v5.2-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | de48bfbe09a00d743eef4b3a7b03b1af0e26fa9d |
| Fixed by: | 16a5284eb1be6b0c00e277b604e62f394b426fbc |
| Fixed by: | c909c8e185a14bbab82564f219c0bb492a81ca43 |
| Branch | v5.3-maint |
|---|---|
| Broken by: | 85d45ff05db4a41ac3678ee0d4457b6b3323597e |
| Broken by: | ce7ae55ea1113bc574c5b5a61828e67fbd0e506f |
| Fixed by: | fd48a871a9dcdb8b8b1eb39612e5df870a7e2c3c |
| Fixed by: | 8c2c611df31d3b37f149385e4597c47300ae1489 |
| Fixed by: | a968b3103c503db8a9fb6c9d64f0dd49d3b6f2a3 |