From ${URL} : Description Some vulnerabilities have been reported in libvirt, which can be exploited by malicious, local users to gain escalated privileges and by malicious users to bypass certain security restrictions. 1) Some errors related to the virt-login-shell binary can be exploited to e.g. overwrite arbitrary files with root privileges. 2) An error within the "virConnectDomainXMLToNative()" API can be exploited to gain access to otherwise restricted functionality via specially crafted XML data. Solution: Fixed in the git repository. Provided and/or discovered by: 1) The vendor credits Sebastian Krahmer, SUSE Security Team. 2) Reported by the vendor. Original Advisory: http://libvirt.org/git/?p=libvirt.git;a=commit;h=8c3586ea755c40d5e01b22cb7b5c1e668cdec994 http://libvirt.org/git/?p=libvirt.git;a=commit;h=b7fcc799ad5d8f3e55b89b94e599903e3c092467 http://libvirt.org/git/?p=libvirt.git;a=commit;h=3e2f27e13b94f7302ad948bcacb5e02c859a25fc http://libvirt.org/git/?p=libvirt.git;a=commit;h=57687fd6bf7f6e1b3662c52f3f26c06ab19dc96c @maintainer(s): since the fixed package is already in the tree, please say explicitly if it is ready for the stabilization or not.
CVE-2013-4400 and CVE-2013-4401 are fixed with libvirt-1.1.3-r1. *libvirt-1.1.3-r1 (22 Oct 2013) 22 Oct 2013; Doug Goldstein <cardoe@gentoo.org> +libvirt-1.1.3-r1.ebuild: Fix for CVE-2013-4400 and CVE-2013-4401.
Arches, please test and mark stable: =app-emulation/libvirt-1.1.3-r1; Target keywords : "amd64 x86"
@Yuri, thanks for the help, but please do the job in a complete manner.
amd64/x86 stable @maintainer: please cleanup.
(In reply to Agostino Sarubbo from comment #4) > amd64/x86 stable > > > @maintainer: please cleanup. Done.
Added to existing GLSA draft
CVE-2013-4400 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-4400): virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.
This issue was resolved and addressed in GLSA 201412-04 at http://security.gentoo.org/glsa/glsa-201412-04.xml by GLSA coordinator Kristian Fiskerstrand (K_F).