Security update for libvirt (moderate)

2021-08-2300:00:00

lists.opensuse.org

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

3.5 Low

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:S/C:N/I:N/A:P

JSON

An update that solves two vulnerabilities and has two fixes
is now available.

Description:

This update for libvirt fixes the following issues:

Security issues fixed:

CVE-2021-3631: fix SELinux label generation logic (bsc#1187871)
CVE-2021-3667: Unlock object on ACL fail in
storagePoolLookupByTargetPath (bsc#1188843)

Non-security issues fixed:

virtlockd: Don’t report error if lockspace exists (bsc#1184253)
Don’t forcibly remove ‘–listen’ arg from /etc/sysconfig/libvirtd. Add
‘–timeout 120’ if ‘–listen’ is not specified. (bsc#1188232)

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.

Alternatively you can run the command listed for your product:

openSUSE Leap 15.3:

zypper in -t patch openSUSE-SLE-15.3-2021-2812=1

OSVersionArchitecturePackageVersionFilename
openSUSE Leap15.3aarch64< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Leap15.3ppc64le< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Leap15.3s390x< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm
openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm
openSUSE Leap15.3aarch64< - openSUSE Leap 15.3 (aarch64 x86_64):- openSUSE Leap 15.3 (aarch64 x86_64):.aarch64.rpm
openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (aarch64 x86_64):- openSUSE Leap 15.3 (aarch64 x86_64):.x86_64.rpm
openSUSE Leap15.3noarch< - openSUSE Leap 15.3 (noarch):- openSUSE Leap 15.3 (noarch):.noarch.rpm
openSUSE Leap15.3x86_64< - openSUSE Leap 15.3 (x86_64):- openSUSE Leap 15.3 (x86_64):.x86_64.rpm

OS	Version	Architecture	Version	Filename
openSUSE Leap	15.3	aarch64	< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):	- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.aarch64.rpm
openSUSE Leap	15.3	ppc64le	< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):	- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.ppc64le.rpm
openSUSE Leap	15.3	s390x	< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):	- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.s390x.rpm
openSUSE Leap	15.3	x86_64	< - openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):	- openSUSE Leap 15.3 (aarch64 ppc64le s390x x86_64):.x86_64.rpm
openSUSE Leap	15.3	aarch64	< - openSUSE Leap 15.3 (aarch64 x86_64):	- openSUSE Leap 15.3 (aarch64 x86_64):.aarch64.rpm
openSUSE Leap	15.3	x86_64	< - openSUSE Leap 15.3 (aarch64 x86_64):	- openSUSE Leap 15.3 (aarch64 x86_64):.x86_64.rpm
openSUSE Leap	15.3	noarch	< - openSUSE Leap 15.3 (noarch):	- openSUSE Leap 15.3 (noarch):.noarch.rpm
openSUSE Leap	15.3	x86_64	< - openSUSE Leap 15.3 (x86_64):	- openSUSE Leap 15.3 (x86_64):.x86_64.rpm