CVE-2013-6456

The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; (2) create arbitrary nodes (mknod) via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the (3) virDomainShutdown or (4) virDomainReboot API and a symlink attack on /dev/initctl in the container, related to "paths under /proc/$PID/root" and the virInitctlSetRunLevel function.

Read the notes from the security team

Status

Show unmaintained releases

Package	Ubuntu Release	Status
libvirt	14.04 LTS trusty	Not affected
	13.10 saucy	Fixed 1.1.1-0ubuntu8.11
	13.04 raring	Ignored end of life
	12.10 quantal	Not affected
	12.04 LTS precise	Not affected
	10.04 LTS lucid	Not affected

Notes

mdeslaur

1.0.1 and higher

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
libvirt	Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=a15d9aa37e0baa4677c605c7563ebd92d3de468c Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=268ef38d12b6bf4fdcbbe6f8c7dd6c2e4cc446f1 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=5daffc54b0815c49146cb6174c28954252542247 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=aaba652d2ba2a3a258c6b36d109ada59824cedce Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=4428224e0d60ce32cb81be45b79323912ce5b8dc Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=d0ddd54a6706b7bfbc2ff1c2d3352331a8857660 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=869961c1a2dc718d6272b3218e0263d58d4a6648 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=045ab83be86ab960ab8358d96de110e98930740c Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=06a0f6b81cb982d8b7789862ef2e197d68d9e6ab Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=40c8a8e92686fb5bf55fa1482b59309d3e5b96e3 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=599be6a6f93618ac5094e0283538ed827b5c7e5b Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=05b36162178f8bf43c5ca57568f154493701b209 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=6ecb7bc3aed7f60edad5289c9b0cfcf99eee6611 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=72a4c29ca72789b13de1ed9cb96df9fb2b0fdde4 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=83f83508e128275bd1b74988162dc6b9f86e00ee Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=398c88edfaef50b9b59eb2d9a61b07c9c940a661 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=dd055960df60c536957664f0ae3c591feecf7b09 Upstream: http://libvirt.org/git/?p=libvirt.git;a=commit;h=14d69bd00e4455a1d174d14c5af73975cf9e904a

Package

Patch details

libvirt

References

Related Ubuntu Security Notices (USN)

USN-2209-1
libvirt vulnerabilities
7 May 2014

Status

Notes

Patch details

References

Related Ubuntu Security Notices (USN)

Other references