An update for libvirt is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS Security Advisory openeuler-security@openeuler.org openEuler security committee openEuler-SA-2022-1722 Final 1.0 1.0 2022-06-24 Initial 2022-06-24 2022-06-24 openEuler SA Tool V1.0 2022-06-24 libvirt security update An update for libvirt is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support. Security Fix(es): A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the `driver->nwfilters` mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the `driver->nwfilters` object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt’s API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).(CVE-2022-0897) An update for libvirt is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS. openEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. Medium libvirt https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1722 https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-0897 https://nvd.nist.gov/vuln/detail/CVE-2022-0897 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS libvirt-daemon-driver-secret-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-qemu-6.2.0-15.oe1.aarch64.rpm libvirt-6.2.0-15.oe1.aarch64.rpm libvirt-debugsource-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-qemu-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-rbd-6.2.0-15.oe1.aarch64.rpm libvirt-bash-completion-6.2.0-15.oe1.aarch64.rpm libvirt-debuginfo-6.2.0-15.oe1.aarch64.rpm libvirt-wireshark-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-scsi-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-kvm-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-gluster-6.2.0-15.oe1.aarch64.rpm libvirt-devel-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-logical-6.2.0-15.oe1.aarch64.rpm libvirt-docs-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-disk-6.2.0-15.oe1.aarch64.rpm libvirt-lock-sanlock-6.2.0-15.oe1.aarch64.rpm libvirt-admin-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-6.2.0-15.oe1.aarch64.rpm libvirt-libs-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-iscsi-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-nwfilter-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-config-network-6.2.0-15.oe1.aarch64.rpm libvirt-nss-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-mpath-6.2.0-15.oe1.aarch64.rpm libvirt-client-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-nodedev-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-config-nwfilter-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-iscsi-direct-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-network-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-storage-core-6.2.0-15.oe1.aarch64.rpm libvirt-daemon-driver-interface-6.2.0-15.oe1.aarch64.rpm libvirt-client-6.2.0-19.oe1.aarch64.rpm libvirt-devel-6.2.0-19.oe1.aarch64.rpm libvirt-docs-6.2.0-19.oe1.aarch64.rpm libvirt-admin-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-core-6.2.0-19.oe1.aarch64.rpm libvirt-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-nodedev-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-iscsi-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-gluster-6.2.0-19.oe1.aarch64.rpm libvirt-debuginfo-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-config-nwfilter-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-mpath-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-qemu-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-config-network-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-kvm-6.2.0-19.oe1.aarch64.rpm libvirt-lock-sanlock-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-rbd-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-disk-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-interface-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-nwfilter-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-iscsi-direct-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-logical-6.2.0-19.oe1.aarch64.rpm libvirt-nss-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-scsi-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-qemu-6.2.0-19.oe1.aarch64.rpm libvirt-libs-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-network-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-secret-6.2.0-19.oe1.aarch64.rpm libvirt-wireshark-6.2.0-19.oe1.aarch64.rpm libvirt-debugsource-6.2.0-19.oe1.aarch64.rpm libvirt-bash-completion-6.2.0-19.oe1.aarch64.rpm libvirt-daemon-driver-storage-gluster-6.2.0-40.oe2203.aarch64.rpm libvirt-wireshark-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-iscsi-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-disk-6.2.0-40.oe2203.aarch64.rpm libvirt-bash-completion-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-nwfilter-6.2.0-40.oe2203.aarch64.rpm libvirt-debuginfo-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-nodedev-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-kvm-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-iscsi-direct-6.2.0-40.oe2203.aarch64.rpm libvirt-libs-6.2.0-40.oe2203.aarch64.rpm libvirt-client-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-core-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-rbd-6.2.0-40.oe2203.aarch64.rpm libvirt-nss-6.2.0-40.oe2203.aarch64.rpm libvirt-debugsource-6.2.0-40.oe2203.aarch64.rpm libvirt-admin-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-config-nwfilter-6.2.0-40.oe2203.aarch64.rpm libvirt-docs-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-6.2.0-40.oe2203.aarch64.rpm libvirt-lock-sanlock-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-secret-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-config-network-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-interface-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-qemu-6.2.0-40.oe2203.aarch64.rpm libvirt-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-qemu-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-logical-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-scsi-6.2.0-40.oe2203.aarch64.rpm libvirt-devel-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-network-6.2.0-40.oe2203.aarch64.rpm libvirt-daemon-driver-storage-mpath-6.2.0-40.oe2203.aarch64.rpm libvirt-6.2.0-15.oe1.src.rpm libvirt-6.2.0-19.oe1.src.rpm libvirt-6.2.0-40.oe2203.src.rpm libvirt-lock-sanlock-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-secret-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-gluster-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-scsi-6.2.0-15.oe1.x86_64.rpm libvirt-debugsource-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-rbd-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-qemu-6.2.0-15.oe1.x86_64.rpm libvirt-debuginfo-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-nwfilter-6.2.0-15.oe1.x86_64.rpm libvirt-bash-completion-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-config-nwfilter-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-iscsi-direct-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-kvm-6.2.0-15.oe1.x86_64.rpm libvirt-admin-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-iscsi-6.2.0-15.oe1.x86_64.rpm libvirt-docs-6.2.0-15.oe1.x86_64.rpm libvirt-libs-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-disk-6.2.0-15.oe1.x86_64.rpm libvirt-wireshark-6.2.0-15.oe1.x86_64.rpm libvirt-nss-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-core-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-interface-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-mpath-6.2.0-15.oe1.x86_64.rpm libvirt-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-config-network-6.2.0-15.oe1.x86_64.rpm libvirt-devel-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-nodedev-6.2.0-15.oe1.x86_64.rpm libvirt-client-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-storage-logical-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-network-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-driver-qemu-6.2.0-15.oe1.x86_64.rpm libvirt-daemon-kvm-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-mpath-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-secret-6.2.0-19.oe1.x86_64.rpm libvirt-bash-completion-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-nwfilter-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-core-6.2.0-19.oe1.x86_64.rpm libvirt-nss-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-rbd-6.2.0-19.oe1.x86_64.rpm libvirt-debuginfo-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-iscsi-6.2.0-19.oe1.x86_64.rpm libvirt-lock-sanlock-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-config-nwfilter-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-qemu-6.2.0-19.oe1.x86_64.rpm libvirt-libs-6.2.0-19.oe1.x86_64.rpm libvirt-devel-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-logical-6.2.0-19.oe1.x86_64.rpm libvirt-6.2.0-19.oe1.x86_64.rpm libvirt-admin-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-network-6.2.0-19.oe1.x86_64.rpm libvirt-client-6.2.0-19.oe1.x86_64.rpm libvirt-debugsource-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-qemu-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-scsi-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-nodedev-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-config-network-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-disk-6.2.0-19.oe1.x86_64.rpm libvirt-docs-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-interface-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-iscsi-direct-6.2.0-19.oe1.x86_64.rpm libvirt-daemon-driver-storage-gluster-6.2.0-19.oe1.x86_64.rpm libvirt-wireshark-6.2.0-19.oe1.x86_64.rpm libvirt-nss-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-qemu-6.2.0-40.oe2203.x86_64.rpm libvirt-bash-completion-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-mpath-6.2.0-40.oe2203.x86_64.rpm libvirt-libs-6.2.0-40.oe2203.x86_64.rpm libvirt-admin-6.2.0-40.oe2203.x86_64.rpm libvirt-6.2.0-40.oe2203.x86_64.rpm libvirt-devel-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-config-nwfilter-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-disk-6.2.0-40.oe2203.x86_64.rpm libvirt-lock-sanlock-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-iscsi-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-secret-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-config-network-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-core-6.2.0-40.oe2203.x86_64.rpm libvirt-docs-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-network-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-scsi-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-logical-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-iscsi-direct-6.2.0-40.oe2203.x86_64.rpm libvirt-debugsource-6.2.0-40.oe2203.x86_64.rpm libvirt-client-6.2.0-40.oe2203.x86_64.rpm libvirt-wireshark-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-gluster-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-nodedev-6.2.0-40.oe2203.x86_64.rpm libvirt-debuginfo-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-qemu-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-interface-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-kvm-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-storage-rbd-6.2.0-40.oe2203.x86_64.rpm libvirt-daemon-driver-nwfilter-6.2.0-40.oe2203.x86_64.rpm A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the `driver->nwfilters` mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the `driver->nwfilters` object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirt’s API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd). 2022-06-24 CVE-2022-0897 openEuler-20.03-LTS-SP1 openEuler-20.03-LTS-SP3 openEuler-22.03-LTS Medium 4.3 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L libvirt security update 2022-06-24 https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1722