RHEL 7 : libvirt (RHSA-2014:0914)

This script is Copyright (C) 2014-2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

Updated libvirt packages that fix one security issue and three bugs
are now available for Red Hat Enterprise Linux 7.

The Red Hat Security Response Team has rated this update as having
Moderate security impact. A Common Vulnerability Scoring System (CVSS)
base score, which gives a detailed severity rating, is available from
the CVE link in the References section.

The libvirt library is a C API for managing and interacting with the
virtualization capabilities of Linux and other operating systems. In
addition, libvirt provides tools for remote management of virtualized
systems.

It was found that libvirt passes the XML_PARSE_NOENT flag when parsing
XML documents using the libxml2 library, in which case all XML
entities in the parsed documents are expanded. A user able to force
libvirtd to parse an XML document with an entity pointing to a file
could use this flaw to read the contents of that file; parsing an XML
document with an entity pointing to a special file that blocks on read
access could cause libvirtd to hang indefinitely, resulting in a
denial of service on the system. (CVE-2014-0179)

Red Hat would like to thank the upstream Libvirt project for reporting
this issue. Upstream acknowledges Daniel P. Berrange and Richard Jones
as the original reporters.

This update also fixes the following bugs :

* A previous update of the libvirt package introduced an error; a
SIG_SETMASK argument was incorrectly replaced by a SIG_BLOCK argument
after the poll() system call. Consequently, the SIGCHLD signal could
be permanently blocked, which caused signal masks to not return to
their original values and defunct processes to be generated. With this
update, the original signal masks are restored and defunct processes
are no longer generated. (BZ#1112689)

* An attempt to start a domain that did not exist caused network
filters to be locked for read-only access. As a consequence, when
trying to gain read-write access, a deadlock occurred. This update
applies a patch to fix this bug and an attempt to start a non-existent
domain no longer causes a deadlock in the described scenario.
(BZ#1112690)

* Previously, the libvirtd daemon was binding only to addresses that
were configured on certain network interfaces. When libvirtd started
before the IPv4 addresses had been configured, libvirtd listened only
on the IPv6 addresses. The daemon has been modified to not require an
address to be configured when binding to a wildcard address, such as
'0.0.0.0' or '::'. As a result, libvirtd binds to both IPv4 and IPv6
addresses as expected. (BZ#1112692)

Users of libvirt are advised to upgrade to these updated packages,
which fix these bugs. After installing the updated packages, libvirtd
will be restarted automatically.

See also :

https://www.redhat.com/security/data/cve/CVE-2014-0179.html
https://www.redhat.com/security/data/cve/CVE-2014-5177.html
http://rhn.redhat.com/errata/RHSA-2014-0914.html

Solution :

Update the affected packages.

Risk factor :

Low / CVSS Base Score : 1.9
(CVSS2#AV:L/AC:M/Au:N/C:N/I:N/A:P)

Family: Red Hat Local Security Checks

Nessus Plugin ID: 76904 ()

Bugtraq ID:

CVE ID: CVE-2014-0179
CVE-2014-5177

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now