Bug 1791677

Summary: QEMU: Slirp: disable emulation of tcp programs like ftp IRC etc. [rhel-8]
Product: Red Hat Enterprise Linux 8 Reporter: Prasad Pandit <ppandit>
Component: qemu-kvmAssignee: Marc-Andre Lureau <marcandre.lureau>
qemu-kvm sub component: General QA Contact: Quan Wenli <wquan>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: medium CC: ailan, ddepaula, jasowang, jferlan, jinzhao, knoel, marcandre.lureau, mrezanin, mtessun, philmd, rbalakri, ribarry, virt-maint, wquan
Version: 8.2Flags: wquan: needinfo-
Target Milestone: rc   
Target Release: 8.0   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: qemu-kvm-2.12.0-99.module+el8.2.0+5827+8c39933c Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1791679 (view as bug list) Environment:
Last Closed: 2020-04-28 15:33:39 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1791679, 1791680    

Description Prasad Pandit 2020-01-16 11:10:09 UTC 
Description of problem:

Upstream libslirp has disabled emulation of the tcp programs like ftp/IRC etc. in user-mode SLiRP networking since v4.1.0.

 ->  https://gitlab.freedesktop.org/slirp/libslirp/commit/07c2a44b67e219ac14207f7a1b33704e1312cf91

   emu: disable by default

tcp_emu() is known to have caused several CVEs, and not useful today in most cases.

https://nvd.nist.gov/vuln/detail/CVE-2019-6778
https://nvd.nist.gov/vuln/detail/CVE-2019-9824

The feature can be still enabled by setting SlirpConfig.enable_emu to
true.

* Please include this patch in the qemu-kvm package versions of RHEL too.

* It'll probably be better to disable user-mode SLiRP networking itself in qemu-kvm.

  ie. compile qemu-kvm package with '--disable-slirp' configure option.
Comment 6 Danilo de Paula 2020-02-19 16:48:43 UTC 
The patch fixing this BZ is lacking review ACKs.
Comment 15 errata-xmlrpc 2020-04-28 15:33:39 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2020:1587