[Pkg-libvirt-commits] [libvirt] 04/10: CVE-2014-8136: qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs
Guido Guenther
agx at moszumanska.debian.org
Wed Dec 24 10:14:42 UTC 2014
This is an automated email from the git hooks/post-receive script.
agx pushed a commit to annotated tag debian/1.2.9-7
in repository libvirt.
commit a5452de5cdbb6bb4c11daeb4ea8dd2df80ac3549
Author: Guido Günther <agx at sigxcpu.org>
Date: Wed Dec 24 09:39:18 2014 +0100
CVE-2014-8136: qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs
Closes: #773856
---
...36-qemu-migration-Unlock-vm-on-failed-ACL.patch | 43 ++++++++++++++++++++++
debian/patches/series | 1 +
2 files changed, 44 insertions(+)
diff --git a/debian/patches/security/CVE-2014-8136-qemu-migration-Unlock-vm-on-failed-ACL.patch b/debian/patches/security/CVE-2014-8136-qemu-migration-Unlock-vm-on-failed-ACL.patch
new file mode 100644
index 0000000..6884e25
--- /dev/null
+++ b/debian/patches/security/CVE-2014-8136-qemu-migration-Unlock-vm-on-failed-ACL.patch
@@ -0,0 +1,43 @@
+From: Peter Krempa <pkrempa at redhat.com>
+Date: Mon, 8 Dec 2014 19:25:21 +0100
+Subject: CVE-2014-8136: qemu: migration: Unlock vm on failed ACL check in
+ protocol v2 APIs
+
+Avoid leaving the domain locked on a failed ACL check in
+qemuDomainMigratePerform() and qemuDomainMigrateFinish2().
+
+Introduced in commit abf75aea247e (Add ACL checks into the QEMU driver).
+
+(cherry picked from commit 2bdcd29c713dfedd813c89f56ae98f6f3898313d)
+---
+ src/qemu/qemu_driver.c | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
+index 048ded9..0c9b269 100644
+--- a/src/qemu/qemu_driver.c
++++ b/src/qemu/qemu_driver.c
+@@ -11008,8 +11008,10 @@ qemuDomainMigratePerform(virDomainPtr dom,
+ if (!(vm = qemuDomObjFromDomain(dom)))
+ goto cleanup;
+
+- if (virDomainMigratePerformEnsureACL(dom->conn, vm->def) < 0)
++ if (virDomainMigratePerformEnsureACL(dom->conn, vm->def) < 0) {
++ virObjectUnlock(vm);
+ goto cleanup;
++ }
+
+ if (flags & VIR_MIGRATE_PEER2PEER) {
+ dconnuri = uri;
+@@ -11056,8 +11058,10 @@ qemuDomainMigrateFinish2(virConnectPtr dconn,
+ goto cleanup;
+ }
+
+- if (virDomainMigrateFinish2EnsureACL(dconn, vm->def) < 0)
++ if (virDomainMigrateFinish2EnsureACL(dconn, vm->def) < 0) {
++ virObjectUnlock(vm);
+ goto cleanup;
++ }
+
+ /* Do not use cookies in v2 protocol, since the cookie
+ * length was not sufficiently large, causing failures
diff --git a/debian/patches/series b/debian/patches/series
index 683c80c..2b22fe7 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -19,3 +19,4 @@ util-Prepare-URI-formatting-for-libxml2-2.9.2.patch
security/CVE-2014-8131-Fix-possible-deadlock-and-segfault-in-.patch
qemu-bulk-stats-Fix-logic-in-monitor-handling.patch
security/CVE-2014-8135-storage-fix-crash-caused-by-no-check-r.patch
+security/CVE-2014-8136-qemu-migration-Unlock-vm-on-failed-ACL.patch
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-libvirt/libvirt.git
More information about the Pkg-libvirt-commits
mailing list