|
libvirt (11.0.0-2ubuntu6.5) plucky-security; urgency=medium
* SECURITY UPDATE: memory consumption DoS via XML parsing
- debian/patches/CVE-2025-12748-pre1.patch: move unlinking corrupt save
image file to caller in src/qemu/qemu_driver.c,
src/qemu/qemu_saveimage.c, src/qemu/qemu_saveimage.h,
src/qemu/qemu_snapshot.c.
- debian/patches/CVE-2025-12748-pre2.patch: decompose qemuSaveImageOpen
in src/qemu/qemu_driver.c, src/qemu/qemu_saveimage.c,
src/qemu/qemu_saveimage.h, src/qemu/qemu_snapshot.c
- debian/patches/CVE-2025-12748-pre3.patch: check for valid save image
format when verifying image header in src/qemu/qemu_saveimage.c.
- debian/patches/CVE-2025-12748-1.patch: add virDomainDefIDsParseString
in src/conf/domain_conf.c, src/conf/domain_conf.h,
src/libvirt_private.syms.
- debian/patches/CVE-2025-12748-2.patch: check ACLs before parsing the
whole domain XML in src/bhyve/bhyve_driver.c.
- debian/patches/CVE-2025-12748-3.patch: check ACLs before parsing the
whole domain XML in src/libxl/libxl_driver.c,
- debian/patches/CVE-2025-12748-4.patch: check ACLs before parsing the
whole domain XML in src/lxc/lxc_driver.c.
- debian/patches/CVE-2025-12748-5.patch: check ACLs before parsing the
whole domain XML in src/vz/vz_driver.c.
- debian/patches/CVE-2025-12748-6.patch: check ACLs before parsing the
whole domain XML in src/ch/ch_driver.c.
- debian/patches/CVE-2025-12748-7.patch: check ACLs before parsing the
whole domain XML in src/qemu/qemu_driver.c,
src/qemu/qemu_migration.c, src/qemu/qemu_migration.h,
src/qemu/qemu_saveimage.c, src/qemu/qemu_saveimage.h,
src/qemu/qemu_snapshot.c.
- debian/patches/CVE-2025-12748-8.patch: fix typo in bhyve driver in
src/bhyve/bhyve_driver.c.
- CVE-2025-12748
* SECURITY UPDATE: incorrect world-readable permissions on snapshots
- debian/patches/CVE-2025-13193.patch: set umask for qemu-img when
creating external inactive snapshots in src/qemu/qemu_snapshot.c.
- CVE-2025-13193
-- Marc Deslauriers <email address hidden> Mon, 08 Dec 2025 10:11:57 -0500
|
