Bug 1984318
| Summary: | CVE-2021-3667 libvirt: improper locking on ACL failure in virStoragePoolLookupByTargetPath API [rhel-9.0] | | |
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 9 | Reporter: | yafu <yafu> |
| Component: | libvirt | Assignee: | Peter Krempa <pkrempa> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | yafu <yafu> |
| Severity: | low | Docs Contact: | |
| Priority: | low | | |
| Version: | 9.0 | CC: | jdenemar, lmen, pkrempa, virt-maint, xuzhang |
| Target Milestone: | beta | Keywords: | Security, SecurityTracking, Triaged |
| Target Release: | --- | | |
| Hardware: | Unspecified | | |
| OS: | Unspecified | | |
| Whiteboard: | | | |
| Fixed In Version: | libvirt-7.6.0-1.el9 | Doc Type: | If docs needed, set a value |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2021-12-07 21:57:54 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | 7.6.0 |
| Embargoed: | | | |
| Bug Depends On: | | | |
| Bug Blocks: | 1986094 | | |
Description
yafu
2021-07-21 09:02:40 UTC
Fixed upstream:

commit 447f69dec47e1b0bd15ecd7cd49a9fd3b050fb87
Author: Peter Krempa <pkrempa>
Date:   Wed Jul 21 11:22:25 2021 +0200

    storage_driver: Unlock object on ACL fail in storagePoolLookupByTargetPath

    'virStoragePoolObjListSearch' returns a locked and refed object, thus we
    must release it on ACL permission failure.

    Fixes: 7aa0e8c0cb8
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=1984318
    Signed-off-by: Peter Krempa <pkrempa>
    Reviewed-by: Michal Privoznik <mprivozn>

v7.5.0-160-g447f69dec4

Verified with libvirt-7.6.0-1.el9.x86_64. Test steps are the same as https://bugzilla.redhat.com/show_bug.cgi?id=1986459#c5.
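The locking rule stated in the commit message above (a search helper hands back a locked, referenced object, so the ACL failure path must release it) is modelled below in a small C program. This is an added illustration, not libvirt source: `pool_obj`, `pool_search`, `pool_end_api` and both `lookup_*` functions are hypothetical names, the sample pool is constructed, and a boolean flag stands in for the object mutex.

```c
/* Simplified model, not libvirt source; every name here is hypothetical.
 * `locked` stands in for the per-object mutex, `refs` for the refcount. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

struct pool_obj { const char *target; bool locked; int refs; };

/* Like the search helper in the commit message: a match comes back locked and refed. */
static struct pool_obj *pool_search(struct pool_obj *list, int n, const char *path)
{
    for (int i = 0; i < n; i++) {
        if (strcmp(list[i].target, path) != 0 || list[i].locked)
            continue;            /* a real mutex would block on a held lock */
        list[i].locked = true;
        list[i].refs++;
        return &list[i];
    }
    return NULL;
}

/* Release what pool_search() handed out: unlock and drop the reference. */
static void pool_end_api(struct pool_obj *obj) { obj->locked = false; obj->refs--; }

/* Pattern before the fix: the ACL failure path returns without releasing. */
static bool lookup_before_fix(struct pool_obj *l, int n, const char *p, bool acl_ok)
{
    struct pool_obj *obj = pool_search(l, n, p);
    if (!obj || !acl_ok)
        return false;            /* on ACL denial, lock and ref stay held */
    pool_end_api(obj);
    return true;
}

/* Pattern after the fix: release on every path once the search matched. */
static bool lookup_after_fix(struct pool_obj *l, int n, const char *p, bool acl_ok)
{
    struct pool_obj *obj = pool_search(l, n, p);
    if (obj)
        pool_end_api(obj);
    return obj && acl_ok;
}

int main(void)
{
    struct pool_obj a = { "/mnt/pool-a", false, 1 }, b = a;  /* constructed sample */
    lookup_before_fix(&a, 1, "/mnt/pool-a", false);
    lookup_after_fix(&b, 1, "/mnt/pool-a", false);
    printf("before: locked=%d refs=%d  after: locked=%d refs=%d\n", a.locked, a.refs, b.locked, b.refs);
    return 0;
}
```

In the pre-fix pattern a single denied lookup leaves the object locked, so a later lookup by a permitted caller cannot take it; in the model that shows up as `pool_search` skipping the still-locked entry.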