摘要:
libvirt security update
安全等级: Medium
公告ID: KylinSec-SA-2024-3685
发布日期: 2024年8月23日
关联CVE: CVE-2024-2496
Libvirt 是一个 C 语言工具包,用于与 Linux(以及其他操作系统)最新版本的虚拟化功能进行交互。主软件包包括导出虚拟化支持的 libvirtd 服务器。
安全修复:
在 libvirt 的 udevConnectListAllInterfaces() 函数中发现了一个空指针解引用漏洞。当在通过 virConnectListAllInterfaces API 收集接口列表的同时分离主机接口时,可能会发生此问题。此漏洞可用于通过导致 libvirt 守护进程崩溃来执行拒绝服务攻击。(CVE-2024-2496)
| cve名称 | 产品 | 组件 | 是否受影响 |
|---|---|---|---|
| CVE-2024-2496 | KY3.4-5A | libvirt | Fixed |
| 软件名称 | 架构 | 版本号 |
|---|---|---|
| libvirt | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-admin | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-bash-completion | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-client | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-config-network | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-config-nwfilter | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-interface | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-network | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-nodedev | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-nwfilter | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-qemu | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-secret | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-core | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-disk | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-gluster | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-iscsi | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-iscsi-direct | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-logical | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-mpath | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-rbd | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-scsi | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-kvm | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-qemu | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-devel | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-docs | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-libs | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-lock-sanlock | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-nss | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-wireshark | x86_64 | 6.2.0-25.kb1.ky3_4 |
| libvirt | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-admin | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-bash-completion | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-client | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-config-network | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-config-nwfilter | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-interface | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-network | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-nodedev | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-nwfilter | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-qemu | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-secret | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-core | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-disk | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-gluster | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-iscsi | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-iscsi-direct | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-logical | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-mpath | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-rbd | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-driver-storage-scsi | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-kvm | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-daemon-qemu | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-devel | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-docs | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-libs | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-lock-sanlock | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-nss | aarch64 | 6.2.0-25.kb1.ky3_4 |
| libvirt-wireshark | aarch64 | 6.2.0-25.kb1.ky3_4 |
方法一:下载安装包进行升级安装
1、通过下载链接下载需要升级的升级包保存,如 xxx.rpm
2、通过rpm命令升级,如 rpm -Uvh xxx.rpm
方法二:通过软件源进行升级安装
1、保持能够连接上互联网
2、通过yum命令升级指定的包,如 yum install 包名
libvirt-daemon-config-nwfilter
libvirt-daemon-driver-interface
libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-storage-core
libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi
libvirt-daemon-driver-storage-iscsi-direct
libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd
libvirt-daemon-driver-storage-scsi
libvirt-daemon-config-nwfilter
libvirt-daemon-driver-interface
libvirt-daemon-driver-nwfilter
libvirt-daemon-driver-storage-core
libvirt-daemon-driver-storage-disk
libvirt-daemon-driver-storage-gluster
libvirt-daemon-driver-storage-iscsi
libvirt-daemon-driver-storage-iscsi-direct
libvirt-daemon-driver-storage-logical
libvirt-daemon-driver-storage-mpath
libvirt-daemon-driver-storage-rbd
