Bug 1962605 - libvirt: nodedev-list crash on host with grid host driver installed
Keywords:
Status: CLOSED DUPLICATE of bug 1962306
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1962606
Blocks: 1958756 1976841
Reported: 2021-05-20 11:00 UTC by Dhananjay Arunesh
Modified: 2024-03-20 12:24 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
A flaw was found in libvirt in the virConnectListAllNodeDevices API. It only affects hosts with a PCI device and driver that supports mediated devices (e.g., the GRID driver). This flaw allows an unprivileged client with a read-only connection to crash the libvirt daemon by executing the 'nodedev-list' virsh command. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed: 2021-05-20 11:24:38 UTC
Embargoed:



Description Dhananjay Arunesh 2021-05-20 11:00:53 UTC
A vulnerability was found in libvirt, where nodedev-list causes libvirt to crash on a host with the grid host driver installed.

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1916097

Comment 1 Dhananjay Arunesh 2021-05-20 11:24:38 UTC

*** This bug has been marked as a duplicate of bug 1962306 ***

Comment 2 Salvatore Bonaccorso 2021-05-21 04:31:05 UTC
I believe this CVE here (CVE-2021-3556) is just a duplicate of the CVE-2021-3559 assignment?

See https://bugzilla.redhat.com/show_bug.cgi?id=1962306 which refers to CVE-2021-3559 and has as fixing commit https://gitlab.com/libvirt/libvirt/-/commit/4c4d0e2da07b5a035b26a0ff13ec27070f7c7b1a referenced, which is the same mentioned in https://bugzilla.redhat.com/show_bug.cgi?id=1916097.

Comment 3 Mauro Matteo Cascella 2021-05-21 12:54:06 UTC
Hi Salvatore, 

you're right, this bug was created by mistake. Please refer to bz#1962306. 

Dhananjay, please mark CVE-2021-3556 as duplicate.

Thank you.

Comment 4 Salvatore Bonaccorso 2021-06-22 10:52:36 UTC
Hi

Would it be possible to as well remove the Alias in Bugzilla for the CVE, so that people do not further stumble over it? Will the CVE as well be marked REJECTED on CNA level?

Thank you for your work,

Regards,
Salvatore

Comment 5 msiddiqu 2021-06-28 12:15:25 UTC
In reply to comment #4:
> Hi
> 
> Would it be possible to as well remove the Alias in Bugzilla for the CVE, so
> that people do not further stumble over it? Will the CVE as well be marked
> REJECTED on CNA level?

Affirmative. Marked for rejection at MITRE. Bugs alias fixed.

