Bug 697904 (CVE-2011-2178) - VUL-0: CVE-2011-2178: libvirt: regression introduced in disk probe logic
Summary: VUL-0: CVE-2011-2178: libvirt: regression introduced in disk probe logic
Status: RESOLVED FIXED
Alias: CVE-2011-2178
Product: SUSE Security Incidents
Classification: Novell Products
Component: General
Version: unspecified
Hardware: Other Other
Priority: P3 - Medium    Severity: Major
Target Milestone: ---
Deadline: 2011-06-28
Assignee: Security Team bot
QA Contact: Security Team bot
URL:
Whiteboard: maint:released:11.4:41590
Keywords:
Depends on:
Blocks:
 
Reported: 2011-06-03 10:20 UTC by Thomas Biege
Modified: 2019-05-02 08:50 UTC
CC: 3 users

See Also:
Found By: Development
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Description Thomas Biege 2011-06-03 10:20:16 UTC
Hi.
There is a security bug in package 'libvirt'.

This information is from 'oss-security'.

This bug is public.

There is no coordinated release date (CRD) set.

CVE number: CVE-2011-2178
CVE description: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2178
CVSS v2 Base Score: 4.4 (moderate) (AV:L/AC:M/Au:S/C:C/I:N/A:N)


Original posting:



----------  Forwarded Message  ----------

Subject: Re: [oss-security] CVE request -- libvirt: regression introduced in disk probe logic
Date: Thursday, 2 June 2011, 22:03:40
From: Josh Bressers <bressers@redhat.com>
To:  oss-security@lists.openwall.com
Cc:  coley@linus.mitre.org

----- Original Message -----
> Hello Steve, vendors.
> 
> Description:
> Regression introduced in commit d6623003 (v0.8.8) - using the
> wrong sizeof operand meant that security manager private data
> was overlaying the allowDiskFormatProbing member of struct
> _virSecurityManager. This reopens disk probing, which was
> supposed to be prevented by the solution to CVE-YYYY-NNN.
> 
> References:
> https://www.redhat.com/archives/libvir-list/2011-May/msg01935.html
> https://bugzilla.redhat.com/show_bug.cgi?id=709769
> 

Please use CVE-2011-2178

Thanks.

-- 
    JB
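The mechanism described in the forwarded report (a wrong sizeof operand placing driver private data on top of the allowDiskFormatProbing flag) is easy to reproduce in isolation. The following is an added example written for this page; it is not libvirt's code and not part of the bug report. It assumes a struct modelled on the report's description of struct _virSecurityManager (a driver pointer followed by the probing flag, with the driver's private data allocated immediately after the struct), and it assumes the "wrong sizeof operand" took the classic form of sizeof(mgr), the size of a pointer, where sizeof(*mgr), the size of the struct, was intended. Driver, struct and function names are illustrative.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative driver descriptor (assumption: not libvirt's real type). */
typedef struct _virSecurityDriver {
    const char *name;
    size_t privateDataLen;   /* bytes of per-driver state stored after the manager */
} virSecurityDriver;

/* Modelled on the struct named in the report: a driver pointer, then the
 * flag that the fix for the earlier disk-probing CVE is meant to keep false. */
typedef struct _virSecurityManager {
    const virSecurityDriver *drv;
    bool allowDiskFormatProbing;
} virSecurityManager, *virSecurityManagerPtr;

/* Allocate the manager header plus drv->privateDataLen trailing bytes in one
 * block, which is what a VIR_ALLOC_VAR-style allocation does. */
static virSecurityManagerPtr mgr_new(const virSecurityDriver *drv, bool allowProbing)
{
    virSecurityManagerPtr mgr = calloc(1, sizeof(*mgr) + drv->privateDataLen);
    if (!mgr)
        return NULL;
    mgr->drv = drv;
    mgr->allowDiskFormatProbing = allowProbing;
    return mgr;
}

/* The regression as assumed here: sizeof(mgr) is the size of a pointer, so the
 * "private data" starts inside the header, exactly where the flag lives. */
size_t buggy_private_offset(void) { return sizeof(virSecurityManagerPtr); }
static void *private_data_buggy(virSecurityManagerPtr mgr)
{
    return (char *)mgr + buggy_private_offset();
}

/* The corrected form: step over the whole header before the private data. */
size_t fixed_private_offset(void) { return sizeof(virSecurityManager); }
static void *private_data_fixed(virSecurityManagerPtr mgr)
{
    return (char *)mgr + fixed_private_offset();
}

/* Simulate a driver initialising its private state with non-zero bytes
 * (0x01 so the bool stays a valid value), then report what the probing
 * flag reads afterwards.  With the buggy offset the write lands on the
 * flag and turns probing back on; with the fixed offset it stays false. */
bool probing_flag_after_private_init(bool use_buggy_offset)
{
    static const virSecurityDriver drv = { "demo-driver", 32 };   /* constructed */
    virSecurityManagerPtr mgr = mgr_new(&drv, false);
    if (!mgr)
        return true;   /* fail closed for the demo: treat allocation failure as "unsafe" */
    void *priv = use_buggy_offset ? private_data_buggy(mgr) : private_data_fixed(mgr);
    memset(priv, 0x01, drv.privateDataLen);
    bool result = mgr->allowDiskFormatProbing;
    free(mgr);
    return result;
}

int main(void)
{
    printf("flag offset in header : %zu\n", offsetof(virSecurityManager, allowDiskFormatProbing));
    printf("buggy private offset  : %zu\n", buggy_private_offset());
    printf("fixed private offset  : %zu\n", fixed_private_offset());
    printf("probing after init (buggy sizeof): %s\n",
           probing_flag_after_private_init(true) ? "true" : "false");
    printf("probing after init (fixed sizeof): %s\n",
           probing_flag_after_private_init(false) ? "true" : "false");
    return 0;
}
```

On any common ABI the bool follows the pointer directly, so the pointer-sized offset points exactly at allowDiskFormatProbing and the first byte the driver writes becomes the flag's value. This is why a one-operand mistake silently undid the earlier hardening with no crash and no warning; an assertion that the private-data offset is at least sizeof(*mgr) is the kind of check that would have caught it.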
Comment 1 James Fehlig 2011-06-06 18:17:00 UTC
Only openSUSE 11.4 is affected by this bug.  I've applied the upstream commit to the 11.4 libvirt package and submitted it to openSUSE:11.4:Update:Test, SR#72806.  Passing to security team ...
Comment 2 Bernhard Wiedemann 2011-06-06 19:00:08 UTC
This is an autogenerated message for OBS integration:
This bug (697904) was mentioned in
https://build.opensuse.org/request/show/72806 11.4 / libvirt
Comment 3 Swamp Workflow Management 2011-06-14 14:38:23 UTC
The SWAMPID for this issue is 41589.
This issue was rated as moderate.
Please submit fixed packages by 2011-06-28.
When done, please reassign the bug to security-team@suse.de.
Patchinfo will be handled by security team.
Comment 4 Swamp Workflow Management 2011-06-16 07:32:41 UTC
Update released for: libvirt, libvirt-client, libvirt-client-debuginfo, libvirt-debuginfo, libvirt-debugsource, libvirt-devel, libvirt-doc, libvirt-python, libvirt-python-debuginfo
Products:
openSUSE 11.4 (debug, i586, x86_64)
Comment 5 Ludwig Nussel 2011-06-29 14:28:29 UTC
released