SUSE-SU-2024:1099-1

Source
https://www.suse.com/support/update/announcement/2024/suse-su-20241099-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:1099-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:1099-1
Related
Published
2024-04-03T12:08:23Z
Modified
2024-04-03T12:08:23Z
Summary
Security update for libvirt
Details

This update for libvirt fixes the following issues:

  • CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. (bsc#1221815)
  • CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces() (bsc#1221468).
  • CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus (bsc#1221237)
  • qemu: domain: Fix logic when tainting domain (bsc#1220512)
  • conf: Remove some firmware validation checks (bsc#1216980)
  • libxl: Fix connection to modular network daemon (bsc#1214223)
References

Affected packages

SUSE:Linux Enterprise Micro 5.5 / libvirt

Package

Name
libvirt
Purl
purl:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.0-150500.6.20.1

Ecosystem specific

{
    "binaries": [
        {
            "libvirt-daemon-driver-nwfilter": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-rbd": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-iscsi": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-scsi": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-interface": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-logical": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-core": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-network": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-secret": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-nodedev": "9.0.0-150500.6.20.1",
            "libvirt-daemon-qemu": "9.0.0-150500.6.20.1",
            "libvirt-libs": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-mpath": "9.0.0-150500.6.20.1",
            "libvirt-client": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-qemu": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-iscsi-direct": "9.0.0-150500.6.20.1",
            "libvirt-daemon": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-disk": "9.0.0-150500.6.20.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Basesystem 15 SP5 / libvirt

Package

Name
libvirt
Purl
purl:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.0-150500.6.20.1

Ecosystem specific

{
    "binaries": [
        {
            "libvirt-libs": "9.0.0-150500.6.20.1"
        }
    ]
}

SUSE:Linux Enterprise Module for Server Applications 15 SP5 / libvirt

Package

Name
libvirt
Purl
purl:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.0-150500.6.20.1

Ecosystem specific

{
    "binaries": [
        {
            "libvirt-daemon-driver-storage-rbd": "9.0.0-150500.6.20.1",
            "libvirt-doc": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-interface": "9.0.0-150500.6.20.1",
            "libvirt-lock-sanlock": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-core": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-nodedev": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-secret": "9.0.0-150500.6.20.1",
            "libvirt-daemon-qemu": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-qemu": "9.0.0-150500.6.20.1",
            "libvirt-devel": "9.0.0-150500.6.20.1",
            "libvirt": "9.0.0-150500.6.20.1",
            "libvirt-daemon-hooks": "9.0.0-150500.6.20.1",
            "libvirt-daemon": "9.0.0-150500.6.20.1",
            "libvirt-client-qemu": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-nwfilter": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-disk": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-libxl": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-iscsi": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-scsi": "9.0.0-150500.6.20.1",
            "libvirt-daemon-config-network": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-logical": "9.0.0-150500.6.20.1",
            "libvirt-nss": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-network": "9.0.0-150500.6.20.1",
            "libvirt-daemon-config-nwfilter": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-mpath": "9.0.0-150500.6.20.1",
            "libvirt-client": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-iscsi-direct": "9.0.0-150500.6.20.1",
            "libvirt-daemon-xen": "9.0.0-150500.6.20.1"
        }
    ]
}

openSUSE:Leap 15.5 / libvirt

Package

Name
libvirt
Purl
purl:rpm/suse/libvirt&distro=openSUSE%20Leap%2015.5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
9.0.0-150500.6.20.1

Ecosystem specific

{
    "binaries": [
        {
            "libvirt-daemon-driver-storage-rbd": "9.0.0-150500.6.20.1",
            "libvirt-doc": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-interface": "9.0.0-150500.6.20.1",
            "libvirt-lock-sanlock": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-secret": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-nodedev": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-core": "9.0.0-150500.6.20.1",
            "libvirt-daemon-qemu": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-qemu": "9.0.0-150500.6.20.1",
            "libvirt-devel": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-gluster": "9.0.0-150500.6.20.1",
            "libvirt": "9.0.0-150500.6.20.1",
            "libvirt-daemon-hooks": "9.0.0-150500.6.20.1",
            "libvirt-daemon": "9.0.0-150500.6.20.1",
            "libvirt-client-qemu": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-nwfilter": "9.0.0-150500.6.20.1",
            "libvirt-daemon-lxc": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-disk": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-libxl": "9.0.0-150500.6.20.1",
            "wireshark-plugin-libvirt": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-iscsi": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-scsi": "9.0.0-150500.6.20.1",
            "libvirt-daemon-config-network": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-logical": "9.0.0-150500.6.20.1",
            "libvirt-nss": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-network": "9.0.0-150500.6.20.1",
            "libvirt-devel-32bit": "9.0.0-150500.6.20.1",
            "libvirt-daemon-config-nwfilter": "9.0.0-150500.6.20.1",
            "libvirt-libs": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-mpath": "9.0.0-150500.6.20.1",
            "libvirt-client": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-lxc": "9.0.0-150500.6.20.1",
            "libvirt-daemon-driver-storage-iscsi-direct": "9.0.0-150500.6.20.1",
            "libvirt-daemon-xen": "9.0.0-150500.6.20.1"
        }
    ]
}