Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 916497 (CVE-2023-3750)

Summary: <app-emulation/libvirt-{9.3.0-r1,9.4.0-r4,9.5.0-r1,9.6.0}: libvirt daemon crash
Product: Gentoo Security Reporter: John Helmert III <ajak>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: minor CC: michal.privoznik, tamiko, virtualization
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://listman.redhat.com/archives/libvirt-announce/2023-August/000643.html
See Also: https://github.com/gentoo/gentoo/pull/33604
https://github.com/gentoo/gentoo/pull/33929
Whiteboard: B3 [glsa+]
Package list:
Runtime testing required: ---

Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-10-29 18:56:21 UTC 
CVE-2023-3750:

A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon.
Comment 1 Larry the Git Cow gentoo-dev 2023-10-31 16:25:24 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=42fd27c7046a483b588a8e4e59f6ab8c1d2edcc2

commit 42fd27c7046a483b588a8e4e59f6ab8c1d2edcc2
Author:     Michal Privoznik <michal.privoznik@gmail.com>
AuthorDate: 2023-10-31 09:00:44 +0000
Commit:     Matthias Maier <tamiko@gentoo.org>
CommitDate: 2023-10-31 16:25:18 +0000

    app-emulation/libvirt: Backport fix for CVE-2023-3750
    
    A security flaw was identified in <app-emulation/libvirt-9.6.0
    which can result int DoS. The upstream is fixed from 9.6.0.
    Backport the fix to older versions found in portage.
    
    Bug: https://bugs.gentoo.org/916497
    Closes: https://github.com/gentoo/gentoo/pull/33604
    Signed-off-by: Michal Privoznik <michal.privoznik@gmail.com>
    Signed-off-by: Matthias Maier <tamiko@gentoo.org>

 ...-returning-of-locked-objects-from-virStor.patch | 57 ++++++++++++++++++++++
 ...ibvirt-9.3.0.ebuild => libvirt-9.3.0-r1.ebuild} |  1 +
 ...irt-9.4.0-r3.ebuild => libvirt-9.4.0-r4.ebuild} |  1 +
 ...ibvirt-9.5.0.ebuild => libvirt-9.5.0-r1.ebuild} |  1 +
 4 files changed, 60 insertions(+)
Comment 2 Matthias Maier gentoo-dev 2023-10-31 16:27:50 UTC 
All versions remaining in the tree (including stable versions) are fixed.
Comment 3 Larry the Git Cow gentoo-dev 2024-12-11 08:41:37 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=13edb9df7edffbb08f4197f6bf3f4a252308ca96

commit 13edb9df7edffbb08f4197f6bf3f4a252308ca96
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2024-12-11 08:41:12 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2024-12-11 08:41:34 +0000

    [ GLSA 202412-16 ] libvirt: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/908042
    Bug: https://bugs.gentoo.org/916497
    Bug: https://bugs.gentoo.org/929966
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202412-16.xml | 46 ++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)