Red Hat Bugzilla – Full Text Bug Listing
|Summary:||CVE-2013-1962 libvirt: DoS (max count of open files exhaustion) due sockets leak in the storage pool|
|Product:||[Other] Security Response||Reporter:||Jan Lieskovsky <jlieskov>|
|Component:||vulnerability||Assignee:||Red Hat Product Security <security-response-team>|
|Status:||CLOSED ERRATA||QA Contact:|
|Version:||unspecified||CC:||acathrow, berrange, dyasny, eblake, jdenemar, jtomko, pmatouse, security-response-team|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2013-05-16 16:56:20 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
|Bug Depends On:||947044, 952780, 957585, 961593, 963789|
Description Jan Lieskovsky 2013-04-17 07:43:18 EDT
A denial of service flaw was found in the way storage pool manager of libvirt, a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes), performed management of socket file descriptors when 'to list all volumes for the particular pool' request was issued (two socket file descriptors were leaked per "list all pool volumes" request). An uprivileged user could use this flaw to cause denial of service (make libvirtd daemon to exhaust / reach the maximum count of open file descriptors, the libvirtd daemon process was allowed to open, possibly preventing other users from use of libvirtd services till the libvirtd daemon was restarted). Acknowledgements: Red Hat would like to thank Edoardo Comar of IBM for reporting this issue.
Comment 3 Jan Lieskovsky 2013-04-17 07:57:51 EDT
Created attachment 736816 [details] Proposed patch from Jan Tomko to correct the deficiency
Comment 4 Jan Lieskovsky 2013-04-17 08:09:07 EDT
This issue did NOT affect the version of the libvirt package, as shipped with Red Hat Enterprise Linux 5. -- This issue affects the version of the libvirt package, as shipped with Red Hat Enterprise Linux 6. -- This issue did NOT affect the version of the libvirt package, as shipped with Fedora release of 17 (as it did NOT support the StoragePoolListAllVolumes API yet). This issue affects the version of the libvirt package, as shipped with Fedora release of 18.
Comment 5 Jan Lieskovsky 2013-04-17 08:22:49 EDT
The CVE identifier of CVE-2013-1962 has been assigned to this issue.
Comment 9 Petr Matousek 2013-05-16 10:15:54 EDT
Comment 10 errata-xmlrpc 2013-05-16 10:34:25 EDT
This issue has been addressed in following products: Red Hat Enterprise Linux 6 Via RHSA-2013:0831 https://rhn.redhat.com/errata/RHSA-2013-0831.html