Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
libvirt.11700
CVE-2019-3886-api.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File CVE-2019-3886-api.patch of Package libvirt.11700
commit 69f94df6afe2ea8e2034903d6423c783e0c535e8 Author: Daniel P. Berrangé <berrange@redhat.com> Date: Wed Apr 3 15:00:49 2019 +0100 api: disallow virDomainGetHostname for read-only connections The virDomainGetHostname API is fetching guest information and this may involve use of an untrusted guest agent. As such its use must be forbidden on a read-only connection to libvirt. Fixes CVE-2019-3886 Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Index: libvirt-5.1.0/src/libvirt-domain.c =================================================================== --- libvirt-5.1.0.orig/src/libvirt-domain.c +++ libvirt-5.1.0/src/libvirt-domain.c @@ -11031,6 +11031,8 @@ virDomainGetHostname(virDomainPtr domain virCheckDomainReturn(domain, NULL); conn = domain->conn; + virCheckReadOnlyGoto(domain->conn->flags, error); + if (conn->driver->domainGetHostname) { char *ret; ret = conn->driver->domainGetHostname(domain, flags);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor