Overview

File e4116eaa-CVE-2020-25637.patch of Package libvirt.22291

commit e4116eaa44cb366b59f7fe98f4b88d04c04970ad
Author: Ján Tomko <jtomko@redhat.com>
Date:   Fri Sep 18 17:54:14 2020 +0200

    rpc: require write acl for guest agent in virDomainInterfaceAddresses
    
    CVE-2020-25637
    
    Add a requirement for domain:write if source is set to
    VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT.
    
    Signed-off-by: Ján Tomko <jtomko@redhat.com>
    Reported-by: Ilja Van Sprundel <ivansprundel@ioactive.com>
    Reviewed-by: Jiri Denemark <jdenemar@redhat.com>

Index: libvirt-6.0.0/src/libxl/libxl_driver.c
===================================================================
--- libvirt-6.0.0.orig/src/libxl/libxl_driver.c
+++ libvirt-6.0.0/src/libxl/libxl_driver.c
@@ -6366,7 +6366,7 @@ libxlDomainInterfaceAddresses(virDomainP
     if (!(vm = libxlDomObjFromDomain(dom)))
         goto cleanup;
 
-    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
         goto cleanup;
 
     if (virDomainObjCheckActive(vm) < 0)
Index: libvirt-6.0.0/src/qemu/qemu_driver.c
===================================================================
--- libvirt-6.0.0.orig/src/qemu/qemu_driver.c
+++ libvirt-6.0.0/src/qemu/qemu_driver.c
@@ -22010,7 +22010,7 @@ qemuDomainInterfaceAddresses(virDomainPt
     if (!(vm = qemuDomainObjFromDomain(dom)))
         goto cleanup;
 
-    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def) < 0)
+    if (virDomainInterfaceAddressesEnsureACL(dom->conn, vm->def, source) < 0)
         goto cleanup;
 
     if (virDomainObjCheckActive(vm) < 0)
Index: libvirt-6.0.0/src/remote/remote_protocol.x
===================================================================
--- libvirt-6.0.0.orig/src/remote/remote_protocol.x
+++ libvirt-6.0.0/src/remote/remote_protocol.x
@@ -6211,6 +6211,7 @@ enum remote_procedure {
     /**
      * @generate: none
      * @acl: domain:read
+     * @acl: domain:write::source:VIR_DOMAIN_INTERFACE_ADDRESSES_SRC_AGENT
      */
     REMOTE_PROC_DOMAIN_INTERFACE_ADDRESSES = 353,
openSUSE Build Service is sponsored by
Places