SUSE SLED12 / SLES12 Security Update : libvirt (SUSE-SU-2016:0304-1)

This script is Copyright (C) 2016 Tenable Network Security, Inc.


Synopsis :

The remote SUSE host is missing one or more security updates.

Description :

libvirt was updated to fix one security issue and several non-security
issues.

This security issue was fixed :

- CVE-2015-0236: libvirt allowed remote authenticated
users to obtain the VNC password by using the
VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot
to the virDomainSnapshotGetXMLDesc interface or (2)
image to the virDomainSaveImageGetXMLDesc interface.
(bsc#914693)

- CVE-2015-5313: path traversal vulnerability allowed
libvirtd process to write arbitrary files into file
system using root permissions (bsc#953110)

Theses non-security issues were fixed :

- bsc#948686: Use PAUSED state for domains that are
starting up.

- bsc#903757: Provide nodeGetSecurityModel implementation
in libxl.

- bsc#938228: Set disk type to BLOCK when driver is not
tap or file.

- bsc#948516: Fix profile_status to distinguish between
errors and unconfined domains.

- bsc#936524: Fix error starting lxc containers with
direct interfaces.

- bsc#921555: Fixed apparmor generated profile for PCI
hostdevs.

- bsc#899334: Include additional upstream fixes for
systemd TerminateMachine.

- bsc#921586: Fix security driver default settings in
/etc/libvirt/qemu.conf.

- bsc#921355: Fixed a number of QEMU apparmor abstraction
problems.

- bsc#911737: Additional fix for the case where security
labels aren't automatically set.

- bsc#914297: Allow setting the URL of an SMT server to
use in place of SCC.

- bsc#904432: Backported route definition changes.

Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.suse.com/899334
https://bugzilla.suse.com/903757
https://bugzilla.suse.com/904432
https://bugzilla.suse.com/911737
https://bugzilla.suse.com/914297
https://bugzilla.suse.com/914693
https://bugzilla.suse.com/921355
https://bugzilla.suse.com/921555
https://bugzilla.suse.com/921586
https://bugzilla.suse.com/936524
https://bugzilla.suse.com/938228
https://bugzilla.suse.com/948516
https://bugzilla.suse.com/948686
https://bugzilla.suse.com/953110
https://www.suse.com/security/cve/CVE-2015-0236.html
https://www.suse.com/security/cve/CVE-2015-5313.html
http://www.nessus.org/u?ad4633bf

Solution :

To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product :

SUSE Linux Enterprise Workstation Extension 12 :

zypper in -t patch SUSE-SLE-WE-12-2016-189=1

SUSE Linux Enterprise Software Development Kit 12 :

zypper in -t patch SUSE-SLE-SDK-12-2016-189=1

SUSE Linux Enterprise Server for SAP 12 :

zypper in -t patch SUSE-SLE-SAP-12-2016-189=1

SUSE Linux Enterprise Server 12 :

zypper in -t patch SUSE-SLE-SERVER-12-2016-189=1

SUSE Linux Enterprise Desktop 12 :

zypper in -t patch SUSE-SLE-DESKTOP-12-2016-189=1

To bring your system up-to-date, use 'zypper patch'.

Risk factor :

Low / CVSS Base Score : 3.5
(CVSS2#AV:N/AC:M/Au:S/C:P/I:N/A:N)
CVSS Temporal Score : 2.6
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: SuSE Local Security Checks

Nessus Plugin ID: 88560 ()

Bugtraq ID: 72526

CVE ID: CVE-2015-0236
CVE-2015-5313

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now