Upstream information

CVE-2011-1146 at MITRE

Description

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.

SUSE information

CVSS v2 Scores (National Vulnerability Database)

  • Base Score: 6.89
  • Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C
  • Access Vector: Local
  • Access Complexity: Medium
  • Authentication: None
  • Confidentiality Impact: Complete
  • Integrity Impact: Complete
  • Availability Impact: Complete

This issue is currently rated as having important severity.

SUSE Bugzilla entry: 678406 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12 SP1
  • libvirt >= 1.2.18.1-4.22
  • libvirt-client >= 1.2.18.1-4.22
  • libvirt-client-32bit >= 1.2.18.1-4.22
  • libvirt-daemon >= 1.2.18.1-4.22
  • libvirt-daemon-config-network >= 1.2.18.1-4.22
  • libvirt-daemon-config-nwfilter >= 1.2.18.1-4.22
  • libvirt-daemon-driver-interface >= 1.2.18.1-4.22
  • libvirt-daemon-driver-libxl >= 1.2.18.1-4.22
  • libvirt-daemon-driver-lxc >= 1.2.18.1-4.22
  • libvirt-daemon-driver-network >= 1.2.18.1-4.22
  • libvirt-daemon-driver-nodedev >= 1.2.18.1-4.22
  • libvirt-daemon-driver-nwfilter >= 1.2.18.1-4.22
  • libvirt-daemon-driver-qemu >= 1.2.18.1-4.22
  • libvirt-daemon-driver-secret >= 1.2.18.1-4.22
  • libvirt-daemon-driver-storage >= 1.2.18.1-4.22
  • libvirt-daemon-lxc >= 1.2.18.1-4.22
  • libvirt-daemon-qemu >= 1.2.18.1-4.22
  • libvirt-daemon-xen >= 1.2.18.1-4.22
  • libvirt-doc >= 1.2.18.1-4.22
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA libvirt
SUSE Linux Enterprise Desktop 12 SP2
  • libvirt >= 2.0.0-26.2
  • libvirt-client >= 2.0.0-26.2
  • libvirt-client-32bit >= 2.0.0-26.2
  • libvirt-daemon >= 2.0.0-26.2
  • libvirt-daemon-config-network >= 2.0.0-26.2
  • libvirt-daemon-config-nwfilter >= 2.0.0-26.2
  • libvirt-daemon-driver-interface >= 2.0.0-26.2
  • libvirt-daemon-driver-libxl >= 2.0.0-26.2
  • libvirt-daemon-driver-lxc >= 2.0.0-26.2
  • libvirt-daemon-driver-network >= 2.0.0-26.2
  • libvirt-daemon-driver-nodedev >= 2.0.0-26.2
  • libvirt-daemon-driver-nwfilter >= 2.0.0-26.2
  • libvirt-daemon-driver-qemu >= 2.0.0-26.2
  • libvirt-daemon-driver-secret >= 2.0.0-26.2
  • libvirt-daemon-driver-storage >= 2.0.0-26.2
  • libvirt-daemon-lxc >= 2.0.0-26.2
  • libvirt-daemon-qemu >= 2.0.0-26.2
  • libvirt-daemon-xen >= 2.0.0-26.2
  • libvirt-doc >= 2.0.0-26.2
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA libvirt
SUSE Linux Enterprise Server 12 SP2
  • libvirt >= 2.0.0-26.2
  • libvirt-client >= 2.0.0-26.2
  • libvirt-client-debuginfo >= 2.0.0-26.2
  • libvirt-daemon >= 2.0.0-26.2
  • libvirt-daemon-config-network >= 2.0.0-26.2
  • libvirt-daemon-config-nwfilter >= 2.0.0-26.2
  • libvirt-daemon-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-interface >= 2.0.0-26.2
  • libvirt-daemon-driver-interface-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-libxl >= 2.0.0-26.2
  • libvirt-daemon-driver-libxl-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-lxc >= 2.0.0-26.2
  • libvirt-daemon-driver-lxc-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-network >= 2.0.0-26.2
  • libvirt-daemon-driver-network-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-nodedev >= 2.0.0-26.2
  • libvirt-daemon-driver-nodedev-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-nwfilter >= 2.0.0-26.2
  • libvirt-daemon-driver-nwfilter-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-qemu >= 2.0.0-26.2
  • libvirt-daemon-driver-qemu-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-secret >= 2.0.0-26.2
  • libvirt-daemon-driver-secret-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-driver-storage >= 2.0.0-26.2
  • libvirt-daemon-driver-storage-debuginfo >= 2.0.0-26.2
  • libvirt-daemon-lxc >= 2.0.0-26.2
  • libvirt-daemon-qemu >= 2.0.0-26.2
  • libvirt-daemon-xen >= 2.0.0-26.2
  • libvirt-debugsource >= 2.0.0-26.2
  • libvirt-doc >= 2.0.0-26.2
  • libvirt-lock-sanlock >= 2.0.0-26.2
  • libvirt-lock-sanlock-debuginfo >= 2.0.0-26.2
  • libvirt-nss >= 2.0.0-26.2
  • libvirt-nss-debuginfo >= 2.0.0-26.2
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA libvirt
SUSE Linux Enterprise Software Development Kit 11 SP1
  • libvirt-devel >= 0.7.6-1.21.1
  • xen-devel >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Desktop 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-kmp-pae >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Desktop 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Server 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-doc-html >= 4.0.1_21326_08-0.5.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-kmp-pae >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
SUSE Linux Enterprise Server 11 SP1
  • libvirt >= 0.7.6-1.21.1
  • libvirt-doc >= 0.7.6-1.21.1
  • libvirt-python >= 0.7.6-1.21.1
  • vm-install >= 0.4.30-0.3.2
  • xen >= 4.0.1_21326_08-0.5.1
  • xen-doc-html >= 4.0.1_21326_08-0.5.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.5.1
  • xen-kmp-default >= 4.0.1_21326_08_2.6.32.36_0.5-0.5.1
  • xen-libs >= 4.0.1_21326_08-0.5.1
  • xen-tools >= 4.0.1_21326_08-0.5.1
  • xen-tools-domU >= 4.0.1_21326_08-0.5.1
sle11-sp1-sdk.x86-64
sles11-sp1.x86-64
sles11-sp1.x86
sled11-sp1.x86-64
sle11-sp1-sdk.x86
sled11-sp1.x86
SAT Patch Nr: 4491
openSUSE 11.3
  • xen-debugsource >= 4.0.1_21326_08-0.7.1
  • xen-kmp-default-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-desktop-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-pae-debuginfo >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-libs-debuginfo >= 4.0.1_21326_08-0.7.1
  • xen-tools-debuginfo >= 4.0.1_21326_08-0.7.1
  • xen-tools-domU-debuginfo >= 4.0.1_21326_08-0.7.1
openSUSE 11.3
  • vm-install >= 0.4.30-0.4.1
  • xen >= 4.0.1_21326_08-0.7.1
  • xen-devel >= 4.0.1_21326_08-0.7.1
  • xen-doc-html >= 4.0.1_21326_08-0.7.1
  • xen-doc-pdf >= 4.0.1_21326_08-0.7.1
  • xen-kmp-default >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-desktop >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-kmp-pae >= 4.0.1_21326_08_k2.6.34.8_0.2-0.7.1
  • xen-libs >= 4.0.1_21326_08-0.7.1
  • xen-tools >= 4.0.1_21326_08-0.7.1
  • xen-tools-domU >= 4.0.1_21326_08-0.7.1
openSUSE 11.2
  • libvirt-debuginfo >= 0.7.2-1.1.5.1
  • libvirt-debugsource >= 0.7.2-1.1.5.1
  • libvirt-python-debuginfo >= 0.7.2-1.1.5.1
openSUSE 11.2
  • libvirt >= 0.7.2-1.1.5.1
  • libvirt-devel >= 0.7.2-1.1.5.1
  • libvirt-doc >= 0.7.2-1.1.5.1
  • libvirt-python >= 0.7.2-1.1.5.1
openSUSE 11.3
  • libvirt-client-debuginfo >= 0.8.1-4.6.2
  • libvirt-debuginfo >= 0.8.1-4.6.2
  • libvirt-debugsource >= 0.8.1-4.6.2
  • libvirt-python-debuginfo >= 0.8.1-4.6.2
openSUSE 11.3
  • libvirt >= 0.8.1-4.6.2
  • libvirt-client >= 0.8.1-4.6.2
  • libvirt-devel >= 0.8.1-4.6.2
  • libvirt-doc >= 0.8.1-4.6.2
  • libvirt-python >= 0.8.1-4.6.2
openSUSE 11.4
  • libvirt >= 0.8.8-0.6.1
  • libvirt-client >= 0.8.8-0.6.1
  • libvirt-devel >= 0.8.8-0.6.1
  • libvirt-doc >= 0.8.8-0.6.1
  • libvirt-python >= 0.8.8-0.6.1
openSUSE 11.4
  • vm-install >= 0.4.30-0.3.1
  • xen >= 4.0.2_02-4.9.2
  • xen-devel >= 4.0.2_02-4.9.2
  • xen-doc-html >= 4.0.2_02-4.9.2
  • xen-doc-pdf >= 4.0.2_02-4.9.2
  • xen-kmp-default >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-desktop >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-pae >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-libs >= 4.0.2_02-4.9.2
  • xen-tools >= 4.0.2_02-4.9.2
  • xen-tools-domU >= 4.0.2_02-4.9.2
openSUSE 11.4
  • libvirt >= 0.8.8-0.6.1
  • libvirt-client >= 0.8.8-0.6.1
  • libvirt-client-debuginfo >= 0.8.8-0.6.1
  • libvirt-debuginfo >= 0.8.8-0.6.1
  • libvirt-debugsource >= 0.8.8-0.6.1
  • libvirt-devel >= 0.8.8-0.6.1
  • libvirt-doc >= 0.8.8-0.6.1
  • libvirt-python >= 0.8.8-0.6.1
  • libvirt-python-debuginfo >= 0.8.8-0.6.1
  • vm-install >= 0.4.30-0.3.1
  • xen >= 4.0.2_02-4.9.2
  • xen-debugsource >= 4.0.2_02-4.9.2
  • xen-devel >= 4.0.2_02-4.9.2
  • xen-doc-html >= 4.0.2_02-4.9.2
  • xen-doc-pdf >= 4.0.2_02-4.9.2
  • xen-kmp-default >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-default-debuginfo >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-desktop >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-desktop-debuginfo >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-pae >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-kmp-pae-debuginfo >= 4.0.2_02_k2.6.37.6_0.5-4.9.2
  • xen-libs >= 4.0.2_02-4.9.2
  • xen-libs-debuginfo >= 4.0.2_02-4.9.2
  • xen-tools >= 4.0.2_02-4.9.2
  • xen-tools-debuginfo >= 4.0.2_02-4.9.2
  • xen-tools-domU >= 4.0.2_02-4.9.2
  • xen-tools-domU-debuginfo >= 4.0.2_02-4.9.2
Patchnames:
libvirt
xen-201105
openSUSE 13.2
  • libvirt >= 1.2.9-1.3
  • libvirt-client >= 1.2.9-1.3
  • libvirt-daemon >= 1.2.9-1.3
  • libvirt-daemon-config-network >= 1.2.9-1.3
  • libvirt-daemon-config-nwfilter >= 1.2.9-1.3
  • libvirt-daemon-driver-interface >= 1.2.9-1.3
  • libvirt-daemon-driver-libxl >= 1.2.9-1.3
  • libvirt-daemon-driver-lxc >= 1.2.9-1.3
  • libvirt-daemon-driver-network >= 1.2.9-1.3
  • libvirt-daemon-driver-nodedev >= 1.2.9-1.3
  • libvirt-daemon-driver-nwfilter >= 1.2.9-1.3
  • libvirt-daemon-driver-qemu >= 1.2.9-1.3
  • libvirt-daemon-driver-secret >= 1.2.9-1.3
  • libvirt-daemon-driver-storage >= 1.2.9-1.3
  • libvirt-daemon-driver-uml >= 1.2.9-1.3
  • libvirt-daemon-driver-vbox >= 1.2.9-1.3
  • libvirt-daemon-driver-xen >= 1.2.9-1.3
  • libvirt-daemon-qemu >= 1.2.9-1.3
  • libvirt-daemon-xen >= 1.2.9-1.3
Patchnames:
openSUSE 13.2 GA libvirt
openSUSE Leap 42.1
  • libvirt >= 1.2.18.1-3.2
  • libvirt-client >= 1.2.18.1-3.2
  • libvirt-daemon >= 1.2.18.1-3.2
  • libvirt-daemon-config-network >= 1.2.18.1-3.2
  • libvirt-daemon-config-nwfilter >= 1.2.18.1-3.2
  • libvirt-daemon-driver-interface >= 1.2.18.1-3.2
  • libvirt-daemon-driver-libxl >= 1.2.18.1-3.2
  • libvirt-daemon-driver-lxc >= 1.2.18.1-3.2
  • libvirt-daemon-driver-network >= 1.2.18.1-3.2
  • libvirt-daemon-driver-nodedev >= 1.2.18.1-3.2
  • libvirt-daemon-driver-nwfilter >= 1.2.18.1-3.2
  • libvirt-daemon-driver-qemu >= 1.2.18.1-3.2
  • libvirt-daemon-driver-secret >= 1.2.18.1-3.2
  • libvirt-daemon-driver-storage >= 1.2.18.1-3.2
  • libvirt-daemon-driver-uml >= 1.2.18.1-3.2
  • libvirt-daemon-driver-vbox >= 1.2.18.1-3.2
  • libvirt-daemon-lxc >= 1.2.18.1-3.2
  • libvirt-daemon-qemu >= 1.2.18.1-3.2
  • libvirt-daemon-xen >= 1.2.18.1-3.2
Patchnames:
openSUSE Leap 42.1 GA libvirt
openSUSE Leap 42.2
  • libvirt >= 2.0.0-9.1
  • libvirt-client >= 2.0.0-9.1
  • libvirt-daemon >= 2.0.0-9.1
  • libvirt-daemon-config-network >= 2.0.0-9.1
  • libvirt-daemon-config-nwfilter >= 2.0.0-9.1
  • libvirt-daemon-driver-interface >= 2.0.0-9.1
  • libvirt-daemon-driver-libxl >= 2.0.0-9.1
  • libvirt-daemon-driver-lxc >= 2.0.0-9.1
  • libvirt-daemon-driver-network >= 2.0.0-9.1
  • libvirt-daemon-driver-nodedev >= 2.0.0-9.1
  • libvirt-daemon-driver-nwfilter >= 2.0.0-9.1
  • libvirt-daemon-driver-qemu >= 2.0.0-9.1
  • libvirt-daemon-driver-secret >= 2.0.0-9.1
  • libvirt-daemon-driver-storage >= 2.0.0-9.1
  • libvirt-daemon-driver-uml >= 2.0.0-9.1
  • libvirt-daemon-driver-vbox >= 2.0.0-9.1
  • libvirt-daemon-lxc >= 2.0.0-9.1
  • libvirt-daemon-qemu >= 2.0.0-9.1
  • libvirt-daemon-xen >= 2.0.0-9.1
Patchnames:
openSUSE Leap 42.2 GA libvirt