File e4116eaa-CVE-2020-25637.patch of Package libvirt.16761
commit e4116eaa44cb366b59f7fe98f4b88d04c04970ad
Author: Ján Tomko <jtomko@redhat.com>
Date: Fri Sep 18 17:54:14 2020 +0200
rpc: require write acl for guest agent in virDomainInterfaceAddresses
CVE-2020-25637
Add a requirement for domain:write if source is set to
VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT.
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
Reviewed-by: Jiri Denemark <jdenemar@redhat.com>
Index: libvirt-5.1.0/src/libxl/libxl_driver.c
===================================================================
--- libvirt-5.1.0.orig/src/libxl/libxl_driver.c
+++ libvirt-5.1.0/src/libxl/libxl_driver.c
@@ -6376,7 +6376,7 @@ libxlDomainInterfaceAddresses(virDomainP
if (!(vm = libxlDomObjFromDomain(dom)))
goto cleanup;
- if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+ if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
goto cleanup;
if (virDomainObjCheckActive(vm) < 0)
Index: libvirt-5.1.0/src/qemu/qemu_driver.c
===================================================================
--- libvirt-5.1.0.orig/src/qemu/qemu_driver.c
+++ libvirt-5.1.0/src/qemu/qemu_driver.c
@@ -21430,7 +21430,7 @@ qemuDomainInterfaceAddresses(virDomainPt
if (!(vm = qemuDomObjFromDomain(dom)))
goto cleanup;
- if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+ if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
goto cleanup;
if (virDomainObjCheckActive(vm) < 0)
Index: libvirt-5.1.0/src/remote/remote_protocol.x
===================================================================
--- libvirt-5.1.0.orig/src/remote/remote_protocol.x
+++ libvirt-5.1.0/src/remote/remote_protocol.x
@@ -6005,6 +6005,7 @@ enum remote_procedure {
/**
* @generate: none
* @acl: domain:read
+ * @acl: domain:write::source:VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT
*/
REMOTE_PROC_DOMAIN_INTERFACE_ADDRESSES = 353,