libvirt-7.7.0-2.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:11008 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libvirt-7.7.0-2.1 on GA media These are all security issues fixed in the libvirt-7.7.0-2.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-11008 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:11008 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2008-5086/ SUSE CVE CVE-2008-5086 page https://www.suse.com/security/cve/CVE-2017-1000256/ SUSE CVE CVE-2017-1000256 page https://www.suse.com/security/cve/CVE-2017-2635/ SUSE CVE CVE-2017-2635 page https://www.suse.com/security/cve/CVE-2018-1064/ SUSE CVE CVE-2018-1064 page https://www.suse.com/security/cve/CVE-2018-12126/ SUSE CVE CVE-2018-12126 page https://www.suse.com/security/cve/CVE-2018-12127/ SUSE CVE CVE-2018-12127 page https://www.suse.com/security/cve/CVE-2018-3639/ SUSE CVE CVE-2018-3639 page https://www.suse.com/security/cve/CVE-2018-5748/ SUSE CVE CVE-2018-5748 page https://www.suse.com/security/cve/CVE-2019-10132/ SUSE CVE CVE-2019-10132 page https://www.suse.com/security/cve/CVE-2019-10161/ SUSE CVE CVE-2019-10161 page https://www.suse.com/security/cve/CVE-2019-10166/ SUSE CVE CVE-2019-10166 page https://www.suse.com/security/cve/CVE-2019-10167/ SUSE CVE CVE-2019-10167 page https://www.suse.com/security/cve/CVE-2019-10168/ SUSE CVE CVE-2019-10168 page https://www.suse.com/security/cve/CVE-2019-11135/ SUSE CVE CVE-2019-11135 page https://www.suse.com/security/cve/CVE-2019-3886/ SUSE CVE CVE-2019-3886 page https://www.suse.com/security/cve/CVE-2020-10701/ SUSE CVE CVE-2020-10701 page https://www.suse.com/security/cve/CVE-2020-14339/ SUSE CVE CVE-2020-14339 page https://www.suse.com/security/cve/CVE-2020-15708/ SUSE CVE CVE-2020-15708 page https://www.suse.com/security/cve/CVE-2020-25637/ SUSE CVE CVE-2020-25637 page https://www.suse.com/security/cve/CVE-2021-3631/ SUSE CVE CVE-2021-3631 page https://www.suse.com/security/cve/CVE-2021-3667/ SUSE CVE CVE-2021-3667 page openSUSE Tumbleweed libvirt-7.7.0-2.1 libvirt-client-7.7.0-2.1 libvirt-daemon-7.7.0-2.1 libvirt-daemon-config-network-7.7.0-2.1 libvirt-daemon-config-nwfilter-7.7.0-2.1 libvirt-daemon-driver-interface-7.7.0-2.1 libvirt-daemon-driver-libxl-7.7.0-2.1 libvirt-daemon-driver-lxc-7.7.0-2.1 libvirt-daemon-driver-network-7.7.0-2.1 libvirt-daemon-driver-nodedev-7.7.0-2.1 libvirt-daemon-driver-nwfilter-7.7.0-2.1 libvirt-daemon-driver-qemu-7.7.0-2.1 libvirt-daemon-driver-secret-7.7.0-2.1 libvirt-daemon-driver-storage-7.7.0-2.1 libvirt-daemon-driver-storage-core-7.7.0-2.1 libvirt-daemon-driver-storage-disk-7.7.0-2.1 libvirt-daemon-driver-storage-gluster-7.7.0-2.1 libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 libvirt-daemon-driver-storage-logical-7.7.0-2.1 libvirt-daemon-driver-storage-mpath-7.7.0-2.1 libvirt-daemon-driver-storage-rbd-7.7.0-2.1 libvirt-daemon-driver-storage-scsi-7.7.0-2.1 libvirt-daemon-hooks-7.7.0-2.1 libvirt-daemon-lxc-7.7.0-2.1 libvirt-daemon-qemu-7.7.0-2.1 libvirt-daemon-xen-7.7.0-2.1 libvirt-devel-7.7.0-2.1 libvirt-devel-32bit-7.7.0-2.1 libvirt-doc-7.7.0-2.1 libvirt-libs-7.7.0-2.1 libvirt-lock-sanlock-7.7.0-2.1 libvirt-nss-7.7.0-2.1 wireshark-plugin-libvirt-7.7.0-2.1 libvirt-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-client-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-config-network-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-config-nwfilter-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-interface-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-libxl-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-lxc-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-network-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-nodedev-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-nwfilter-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-qemu-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-secret-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-core-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-disk-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-gluster-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-logical-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-mpath-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-rbd-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-driver-storage-scsi-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-hooks-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-lxc-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-qemu-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-daemon-xen-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-devel-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-devel-32bit-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-doc-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-libs-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-lock-sanlock-7.7.0-2.1 as a component of openSUSE Tumbleweed libvirt-nss-7.7.0-2.1 as a component of openSUSE Tumbleweed wireshark-plugin-libvirt-7.7.0-2.1 as a component of openSUSE Tumbleweed Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions. CVE-2008-5086 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2008-5086.html CVE-2008-5086 https://bugzilla.suse.com/459009 SUSE Bug 459009 libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default. CVE-2017-1000256 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-1000256.html CVE-2017-1000256 https://bugzilla.suse.com/1062563 SUSE Bug 1062563 A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service. CVE-2017-2635 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate 1.9 AV:L/AC:M/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-2635.html CVE-2017-2635 https://bugzilla.suse.com/1027075 SUSE Bug 1027075 libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. CVE-2018-1064 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-1064.html CVE-2018-1064 https://bugzilla.suse.com/1076500 SUSE Bug 1076500 https://bugzilla.suse.com/1083625 SUSE Bug 1083625 https://bugzilla.suse.com/1087887 SUSE Bug 1087887 https://bugzilla.suse.com/1088147 SUSE Bug 1088147 Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2018-12126 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-12126.html CVE-2018-12126 https://bugzilla.suse.com/1103186 SUSE Bug 1103186 https://bugzilla.suse.com/1111331 SUSE Bug 1111331 https://bugzilla.suse.com/1132686 SUSE Bug 1132686 https://bugzilla.suse.com/1135409 SUSE Bug 1135409 https://bugzilla.suse.com/1135524 SUSE Bug 1135524 https://bugzilla.suse.com/1137916 SUSE Bug 1137916 https://bugzilla.suse.com/1138534 SUSE Bug 1138534 https://bugzilla.suse.com/1141977 SUSE Bug 1141977 https://bugzilla.suse.com/1149725 SUSE Bug 1149725 https://bugzilla.suse.com/1149726 SUSE Bug 1149726 https://bugzilla.suse.com/1149729 SUSE Bug 1149729 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf CVE-2018-12127 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-12127.html CVE-2018-12127 https://bugzilla.suse.com/1103186 SUSE Bug 1103186 https://bugzilla.suse.com/1111331 SUSE Bug 1111331 https://bugzilla.suse.com/1132686 SUSE Bug 1132686 https://bugzilla.suse.com/1135409 SUSE Bug 1135409 https://bugzilla.suse.com/1138534 SUSE Bug 1138534 https://bugzilla.suse.com/1141977 SUSE Bug 1141977 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. CVE-2018-3639 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-3639.html CVE-2018-3639 https://bugzilla.suse.com/1074701 SUSE Bug 1074701 https://bugzilla.suse.com/1085235 SUSE Bug 1085235 https://bugzilla.suse.com/1085308 SUSE Bug 1085308 https://bugzilla.suse.com/1087078 SUSE Bug 1087078 https://bugzilla.suse.com/1087082 SUSE Bug 1087082 https://bugzilla.suse.com/1092631 SUSE Bug 1092631 https://bugzilla.suse.com/1092885 SUSE Bug 1092885 https://bugzilla.suse.com/1094912 SUSE Bug 1094912 https://bugzilla.suse.com/1098813 SUSE Bug 1098813 https://bugzilla.suse.com/1100394 SUSE Bug 1100394 https://bugzilla.suse.com/1102640 SUSE Bug 1102640 https://bugzilla.suse.com/1105412 SUSE Bug 1105412 https://bugzilla.suse.com/1111963 SUSE Bug 1111963 https://bugzilla.suse.com/1172781 SUSE Bug 1172781 https://bugzilla.suse.com/1172782 SUSE Bug 1172782 https://bugzilla.suse.com/1172783 SUSE Bug 1172783 https://bugzilla.suse.com/1173489 SUSE Bug 1173489 https://bugzilla.suse.com/1178658 SUSE Bug 1178658 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 https://bugzilla.suse.com/1215674 SUSE Bug 1215674 qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply. CVE-2018-5748 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-5748.html CVE-2018-5748 https://bugzilla.suse.com/1076500 SUSE Bug 1076500 https://bugzilla.suse.com/1083625 SUSE Bug 1083625 https://bugzilla.suse.com/1087887 SUSE Bug 1087887 A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons. CVE-2019-10132 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-10132.html CVE-2019-10132 https://bugzilla.suse.com/1134348 SUSE Bug 1134348 It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirtd socket could use this to probe the existence of arbitrary files, cause denial of service or cause libvirtd to execute arbitrary programs. CVE-2019-10161 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-10161.html CVE-2019-10161 https://bugzilla.suse.com/1138301 SUSE Bug 1138301 It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local attacker could modify this file such that libvirtd would execute an arbitrary program when the domain was resumed. CVE-2019-10166 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-10166.html CVE-2019-10166 https://bugzilla.suse.com/1138302 SUSE Bug 1138302 The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. CVE-2019-10167 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-10167.html CVE-2019-10167 https://bugzilla.suse.com/1138303 SUSE Bug 1138303 The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument, causing libvirtd to execute a crafted executable with its own privileges. CVE-2019-10168 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-10168.html CVE-2019-10168 https://bugzilla.suse.com/1138305 SUSE Bug 1138305 https://bugzilla.suse.com/1138582 SUSE Bug 1138582 TSX Asynchronous Abort condition on some CPUs utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11135 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-11135.html CVE-2019-11135 https://bugzilla.suse.com/1139073 SUSE Bug 1139073 https://bugzilla.suse.com/1152497 SUSE Bug 1152497 https://bugzilla.suse.com/1152505 SUSE Bug 1152505 https://bugzilla.suse.com/1152506 SUSE Bug 1152506 https://bugzilla.suse.com/1160120 SUSE Bug 1160120 https://bugzilla.suse.com/1201877 SUSE Bug 1201877 An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block. CVE-2019-3886 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2019-3886.html CVE-2019-3886 https://bugzilla.suse.com/1131595 SUSE Bug 1131595 https://bugzilla.suse.com/1133150 SUSE Bug 1133150 https://bugzilla.suse.com/1138301 SUSE Bug 1138301 A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for the QEMU guest agent to respond to agent commands. Depending on the timeout value that is set, this flaw can make guest agent commands fail because the agent cannot respond in time. Unprivileged users with a read-only connection could abuse this flaw to set the response timeout for all guest agent messages to zero, potentially leading to a denial of service. This flaw affects libvirt versions before 6.2.0. CVE-2020-10701 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-10701.html CVE-2020-10701 https://bugzilla.suse.com/1168680 SUSE Bug 1168680 A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. CVE-2020-14339 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-14339.html CVE-2020-14339 https://bugzilla.suse.com/1174458 SUSE Bug 1174458 Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code. CVE-2020-15708 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-15708.html CVE-2020-15708 https://bugzilla.suse.com/1174955 SUSE Bug 1174955 A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. CVE-2020-25637 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2020-25637.html CVE-2020-25637 https://bugzilla.suse.com/1174955 SUSE Bug 1174955 https://bugzilla.suse.com/1177155 SUSE Bug 1177155 A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity. CVE-2021-3631 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-3631.html CVE-2021-3631 https://bugzilla.suse.com/1187871 SUSE Bug 1187871 An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited ACL permissions could use this flaw to acquire the lock and prevent other users from accessing storage pool/volume APIs, resulting in a denial of service condition. The highest threat from this vulnerability is to system availability. CVE-2021-3667 openSUSE Tumbleweed:libvirt-7.7.0-2.1 openSUSE Tumbleweed:libvirt-client-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-config-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-interface-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-libxl-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-network-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nodedev-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-nwfilter-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-secret-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-core-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-disk-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-gluster-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-iscsi-direct-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-logical-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-mpath-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-rbd-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-driver-storage-scsi-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-hooks-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-lxc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-qemu-7.7.0-2.1 openSUSE Tumbleweed:libvirt-daemon-xen-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-32bit-7.7.0-2.1 openSUSE Tumbleweed:libvirt-devel-7.7.0-2.1 openSUSE Tumbleweed:libvirt-doc-7.7.0-2.1 openSUSE Tumbleweed:libvirt-libs-7.7.0-2.1 openSUSE Tumbleweed:libvirt-lock-sanlock-7.7.0-2.1 openSUSE Tumbleweed:libvirt-nss-7.7.0-2.1 openSUSE Tumbleweed:wireshark-plugin-libvirt-7.7.0-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-3667.html CVE-2021-3667 https://bugzilla.suse.com/1188843 SUSE Bug 1188843