Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Ubuntu: 1094-1: Libvirt vulnerability Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Ubuntu Petr Matousek discovered that libvirt did not always honor read-onlyconnections. An attacker who is authorized to connect to the libvirt daemoncould exploit this to cause a denial of service via application crash. [More...]
Ubuntu Security Notice USN-1094-1            March 29, 2011
libvirt vulnerability

A security issue affects the following Ubuntu releases:

Ubuntu 9.10
Ubuntu 10.04 LTS
Ubuntu 10.10

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.10:
  libvirt0                        0.7.0-1ubuntu13.3

Ubuntu 10.04 LTS:
  libvirt0                        0.7.5-5ubuntu27.9

Ubuntu 10.10:
  libvirt0                        0.8.3-1ubuntu14.1

In general, a standard system update will make all the necessary changes.

Details follow:

Petr Matousek discovered that libvirt did not always honor read-only
connections. An attacker who is authorized to connect to the libvirt daemon
could exploit this to cause a denial of service via application crash.

Updated packages for Ubuntu 9.10:

  Source archives:
      Size/MD5:   745434 18fdae17991560abb61812be87dc69ee
      Size/MD5:     2484 81391a8821631250e9ab258d89267770
      Size/MD5:  7914077 8c2c14a7695c9c661004bcfc6468d62d

  Architecture independent packages:
      Size/MD5:   594392 9590252ba33110c2017aab77a2d21054

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   403860 d7ca31d566995dad3a7e2d0db0a69bdd
      Size/MD5:   510860 8b17b036119238eb6fa40ae6d082a9cc
      Size/MD5:   823326 472e1e8ce68abc505bea16037ae560d3
      Size/MD5:   412862 0999d15cd3b1f66cf8310089c8af232d
      Size/MD5:    50210 cccd9d1b1fc5d4ba25a1c2016bd615d7

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   394958 998a2e6038371ded95448c411c637be9
      Size/MD5:   500958 c3de8c97b07b0ca2232ab0e2e5acb386
      Size/MD5:   791276 9266cdd6c42b8c662968cf2bd8d251aa
      Size/MD5:   405862 e8c137d02d71ad5cd09c75cda439a5af
      Size/MD5:    48704 a70fcdac6855f962114910306c74a780

  armel architecture (ARM Architecture):
      Size/MD5:   396230 01f514fcfd559fdd0daa4a903f3b0d0b
      Size/MD5:   328774 477f9ad9224eb90975280463dbc2f114
      Size/MD5:   495448 726f94fc230f6e806df88118b07c27fe
      Size/MD5:   272502 d60fff17077eb17e575c79b61ab98737
      Size/MD5:    44072 5d467c3a8078263c844d523b3c855e0d

  lpia architecture (Low Power Intel Architecture):
      Size/MD5:   429326 afe8c7ae1e27c1aa53da7a174c3872cc
      Size/MD5:   344042 8a74f7e16fb3e128d296cc1587b92aaf
      Size/MD5:   492764 160dec1145dcac9c6674795aef001557
      Size/MD5:   295892 6cf27b30911c8f9426d748524ec53ee0
      Size/MD5:    50034 62da87372823c7f25fd3dc66314b5ffc

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   419834 6d3584a3085c31cdb448c5e92b87231f
      Size/MD5:   328144 952793d72edc25475de7d7fcb33c1cd7
      Size/MD5:   511278 d2da73d62b01f792e60eeb3ad261732d
      Size/MD5:   300540 2952822416edd6d4a1a19a825c78616c
      Size/MD5:    51412 0ce914f58ca2700fb52f96b1bf6acc6a

  sparc architecture (Sun SPARC/UltraSPARC):
      Size/MD5:   392312 0e1c821654bed3547755978ed60a98a1
      Size/MD5:   341680 2fe7577c272a6c983172752f9cb40692
      Size/MD5:   461314 be7912ac9a8a81a01fcf79c1ec8360b4
      Size/MD5:   275128 96d18edf5ef6c5f4acc8592ffe70a201
      Size/MD5:    49902 bcb94656f352abc825758ff351580c82

Updated packages for Ubuntu 10.04 LTS:

  Source archives:
      Size/MD5:    79590 dbfee62055eef69166bcbae32943868a
      Size/MD5:     2636 a43760f77881a106dc6512c6ffcbbf39
      Size/MD5:  9343666 06eedba78d4848cede7ab1a6e48f6df9

  Architecture independent packages:
      Size/MD5:   756396 e3a63e1d68ea6152d6f9674c38d91046

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   597418 e66962022a4c5a62ddbc3a7f449181c8
      Size/MD5:   647348 9744b61b0630fd0f2b543b8f61a4a240
      Size/MD5:  2326460 b227c9a4349297d40e8514310b7daf54
      Size/MD5:   646904 f68fdcbb53151a9c01f34af092fceb6c
      Size/MD5:    57354 6d1814dab3b0c92b86208bb1241cd137

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   580212 b531620d02863818615b319a65fcd792
      Size/MD5:   637800 3f73a629abf7a7c36821f87e404da6e9
      Size/MD5:  2234636 b9eb02b5e647a8c628a7cb11a5ea5d89
      Size/MD5:   639180 52a4b631e3b684a384090f7bbfaaaa5d
      Size/MD5:    55768 b160fba16e0a38cc8ff2809402dc3d1e

  armel architecture (ARM Architecture):
      Size/MD5:   570462 b9d67701834c45d76704aeb447601ce3
      Size/MD5:   393384 a7df540122da4e21831e7e935c11043d
      Size/MD5:  1890446 61d7ed2ebbddea110bd11cb33f2727e3
      Size/MD5:   454310 ba2296a552e2ddd9a4b347e051dc5daf
      Size/MD5:    51172 e3aab2e92a1cbc7ae3739b7497746fba

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   620986 8df2d72a6b7cb4509cc38d0e5739b946
      Size/MD5:   408434 cc1b99b08caae417b7a4d2a95bc22adf
      Size/MD5:  1887760 7262ac20d1d866b49c8227b5d049cec8
      Size/MD5:   496356 3cbb12e3ca51fff4f23464ca3cdecd65
      Size/MD5:    59374 af02c87121e54bc82441c711af4e2770

Updated packages for Ubuntu 10.10:

  Source archives:
      Size/MD5:    65778 7322646038b35bc5597d9d16b508f127
      Size/MD5:     2669 5da1871457fdee4f8dab0b53132c1669
      Size/MD5: 12430752 ae8535ce119d32a2e9fb1f46e2c8f325

  Architecture independent packages:
      Size/MD5:   820732 eb9c4c132cc5cbc932a38c1be03f86c9

  amd64 architecture (Athlon64, Opteron, EM64T Xeon):
      Size/MD5:   789948 ed41d2c9836d6d30d20c86792123cc93
      Size/MD5:   655932 71c9e1a640228d0e870ae356b1efcd3c
      Size/MD5:  2685230 e0c3aa32688fca82fb46dc1baadd2d0b
      Size/MD5:   566848 bdb51851686e7ebdbe9a5630f4317f2c
      Size/MD5:    66424 fe7739310007e1c42b38398457668e43

  i386 architecture (x86 compatible Intel/AMD):
      Size/MD5:   766740 a6f8646f5e9d7e6846dc70cb6f64b152
      Size/MD5:   641296 dc4b5fe33ee7c85401b1fbdd63574544
      Size/MD5:  2585322 bfeae234d8a63d64be212901c1fe1e7a
      Size/MD5:   553126 bf2eb0e856fdc51e763eb79564f230fb
      Size/MD5:    64432 3f1ff9b1134b3cae3e7d863873944253

  armel architecture (ARM Architecture):
      Size/MD5:   787038 7fa41ca5f9abbc0bbed5943717b0f301
      Size/MD5:   537538 b6b01d3f968df770813f7d7fdea3965b
      Size/MD5:  2478628 7a7bc6750228de570d6d003fffb5b5a7
      Size/MD5:   476782 e37ff729fe77d8eeca63022c9219d773
      Size/MD5:    60568 8524aac0e2c5ce018353ccf25eeb4938

  powerpc architecture (Apple Macintosh G3/G4/G5):
      Size/MD5:   820744 5047a6be2da3646d66aec9041a98e80e
      Size/MD5:   533026 05b9b6ea37df2b35d14a6015d2a14490
      Size/MD5:  2474132 0282707b7d664a175be082634eea7bb6
      Size/MD5:   508594 bb6f546eaa705a7fe6071fa5689b32c5
      Size/MD5:    68872 fdfbe3eeb22f86730a0ee15f6aaf0c2f

< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
FBI Quietly Removes Recommendation To Encrypt Your Phone
And the prize for LEAST SECURE BROWSER goes to ... Chrome!
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.