Bug 30788

Summary: libvirt: Multiple issues (3.1)
Product: UCS Reporter: Moritz Muehlenhoff <jmm>
Component: Security updatesAssignee: Security maintainers <security-maintainers>
Status: CLOSED WONTFIX QA Contact:
Severity: normal    
Priority: P4    
Version: UCS 3.0   
Target Milestone: UCS 3.1-x-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:
Bug Depends on: 33974    
Bug Blocks:    

Description Moritz Muehlenhoff univentionstaff 2013-03-14 17:07:28 CET 
Insecure group assigned to LVM devices (CVE-2013-1766)

This has low severity, since the group is empty by default and since it's a system group it would need to be added locally to /etc/group.
Comment 1 Moritz Muehlenhoff univentionstaff 2013-07-22 09:14:37 CEST 
NULL pointer dereference in libvirtd (CVE-2013-4154):

| If users haven't configured guest agent then qemuAgentCommand() will
| dereference a NULL 'mon' pointer, which causes crash of libvirtd when
| using agent based cpu (un)plug.
|
| With the patch, when the qemu-ga service isn't running in the guest,
| a expected error "error: Guest agent is not responding: Guest agent
| not available for now" will be raised, and the error "error: argument
| unsupported: QEMU guest agent is not configured" is raised when the
| guest hasn't configured guest agent.
Comment 2 Moritz Muehlenhoff univentionstaff 2013-09-20 07:53:46 CEST 
DoS in RPC handling (CVE-2013-4296)  (the version from UCS 2.4 is not affected)
Comment 3 Moritz Muehlenhoff univentionstaff 2014-01-08 09:01:29 CET 
DoS in qemu job processing (CVE-2013-6458)
Comment 4 Moritz Muehlenhoff univentionstaff 2014-01-17 13:34:40 CET 
Denial of service in keepalive handling (CVE-2014-1447)
Comment 5 Moritz Muehlenhoff univentionstaff 2014-05-07 08:57:23 CEST 
Denial of service / information disclosure through unlimited XML entity expansion (CVE-2014-0179)
Comment 6 Moritz Muehlenhoff univentionstaff 2014-06-02 07:59:11 CEST 
The maintenance with bug and security fixes for UCS 3.1-x has ended on 31st of May 2014.

The maintenance of the UCS 3.x major series is continued by UCS 3.2-x that is supplied with bug and security fixes.

Customers still on UCS 3.1-x are encouraged to update to UCS 3.2. Please contact your partner or Univention for any questions.