
Source: libvirt.org MR: 98352, 99240, 99137, 99245, 99132 Type: Security Fix Disposition: Backport from https://libvirt.org/git/?p=libvirt.git;a=log;h=refs/heads/v4.7-maint ChangeID: 95f822542723d4bf910c1b4159e1431d7d46c969 Description: Update to 4.7 maint tip; all bug fixes. Includes: CVE-2018-12126 CVE-2018-12127 CVE-2018-12130 CVE-2019-11091 CVE-2019-10132 CVE-2019-10161 CVE-2019-10166 CVE-2019-10167 CVE-2019-10168 Signed-off-by: Armin Kuster <akuster@mvista.com> Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
From dfd22fc50f8f268b9810d2ef21adada021f740eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= <berrange@redhat.com>
Date: Tue, 30 Apr 2019 17:26:13 +0100
Subject: [PATCH 05/11] admin: reject clients unless their UID matches the
current UID
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The admin protocol RPC messages are only intended for use by the user
running the daemon. As such they should not be allowed for any client
UID that does not match the server UID.
Fixes CVE-2019-10132
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
(cherry picked from commit 96f41cd765c9e525fe28ee5abbfbf4a79b3720c7)
Upstream-Status: Backport
CVE: CVE-2019-10132
Signed-off-by: Armin Kuster <akuster@mvista.com>
---
src/admin/admin_server_dispatch.c | 22 ++++++++++++++++++++++
1 file changed, 22 insertions(+)
diff --git a/src/admin/admin_server_dispatch.c b/src/admin/admin_server_dispatch.c
index b78ff90..9f25813 100644
--- a/src/admin/admin_server_dispatch.c
+++ b/src/admin/admin_server_dispatch.c
@@ -66,6 +66,28 @@ remoteAdmClientNew(virNetServerClientPtr client ATTRIBUTE_UNUSED,
void *opaque)
{
struct daemonAdmClientPrivate *priv;
+ uid_t clientuid;
+ gid_t clientgid;
+ pid_t clientpid;
+ unsigned long long timestamp;
+
+ if (virNetServerClientGetUNIXIdentity(client,
+ &clientuid,
+ &clientgid,
+ &clientpid,
+ ×tamp) < 0)
+ return NULL;
+
+ VIR_DEBUG("New client pid %lld uid %lld",
+ (long long)clientpid,
+ (long long)clientuid);
+
+ if (geteuid() != clientuid) {
+ virReportRestrictedError(_("Disallowing client %lld with uid %lld"),
+ (long long)clientpid,
+ (long long)clientuid);
+ return NULL;
+ }
if (VIR_ALLOC(priv) < 0)
return NULL;
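Review bot: The new UID comparison in remoteAdmClientNew carries no comment stating that it is the authorization boundary for the admin protocol, nor why a failed credential lookup is treated as a rejection, which is the point a future maintainer most needs when touching this code (the description ties it to CVE-2019-10132). I would add above the virNetServerClientGetUNIXIdentity() call: `/* The admin protocol is restricted to the user running the daemon: refuse the connection unless the peer's UID, taken from the UNIX socket credentials, matches our effective UID. A failed credential lookup also refuses the client, so this path fails closed. */`. The check uses geteuid() rather than getuid(); that is presumably intended since the effective UID is the identity the daemon operates as, but it is worth confirming for any deployment where the daemon's real and effective UIDs can differ. `clientgid` and `timestamp` are fetched only because the helper requires them, so a short `/* unused; required by the lookup API */` on those two declarations would stop a reader wondering whether a GID check was meant to follow. The function continues past the end of the hunk.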
--
2.7.4