製品・ソフトウェアに関する情報

JVN脆弱性詳細

複数のレッドハット製品などで利用される libvirt の libvirt.c における任意のコードを実行される脆弱性

Title	複数のレッドハット製品などで利用される libvirt の libvirt.c における任意のコードを実行される脆弱性
Summary	複数のレッドハット製品などで利用される libvirt の API 内にある libvirt.c は、read-only 接続を適切に制限しないため、サービス運用妨害 (ホスト OS クラッシュ) 状態となる、または任意のコードを実行される脆弱性が存在します。本脆弱性は、CVE-2008-5086 とは異なる脆弱性です。
Possible impacts	第三者により、virNodeDeviceDettach、virNodeDeviceReset、virDomainRevertToSnapshot、virDomainSnapshotDelete、virNodeDeviceReAttach またはvirConnectDomainXMLToNative コールを介して、サービス運用妨害 (ホスト OS クラッシュ) 状態にされる、または任意のコードを実行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Feb. 17, 2011, midnight
Registration Date	April 27, 2011, 11:34 a.m.
Last Update	April 27, 2011, 11:34 a.m.

CVSS2.0 : 警告
Score	6.9
Vector	AV:L/AC:M/Au:N/C:C/I:C/A:C

Affected System

レッドハット

Red Hat Enterprise Linux Desktop 6

Red Hat Enterprise Linux HPC Node 6

Red Hat Enterprise Linux Server 6

Red Hat Enterprise Linux Workstation 6

RHEL Desktop Multi OS 5 (client)

RHEL Virtualization 5 (server)

RHEL Virtualization Long Life (v. 5.6 server)

サイバートラスト株式会社

Asianux Server 3 (x86)

Asianux Server 3 (x86-64)

libvirt.org

libvirt 0.8.8 未満

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2011-1146	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1146
National Vulnerability Database (NVD)
2	CVE-2011-1146	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-1146

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-264	https://jvndb.jvn.jp/ja/cwe/CWE-264.html

ベンダー情報

No	Name	URL
Asianux Technical Support Network
1	libvirt-0.8.2-15.3.0.1.AXS3	https://tsn.miraclelinux.com/tsn_local/index.php?m=errata&a=detail&eid=1391
libvirt.org
2	0.8.8: Feb 17 2011	http://libvirt.org/news.html
Red Hat Security Advisory
3	RHSA-2011:0391	https://rhn.redhat.com/errata/RHSA-2011-0391.html

その他

No	Name	URL
ISS X-Force Database
1	66012	http://xforce.iss.net/xforce/xfdb/66012
Secunia Advisory
2	SA43670	http://secunia.com/advisories/43670
3	SA43917	http://secunia.com/advisories/43917
SecurityFocus
4	46820	http://www.securityfocus.com/bid/46820
VUPEN Security
5	VUPEN/ADV-2011-0794	http://www.vupen.com/english/advisories/2011/0794

Change Log

No	Changed Details	Date of change
0	[2011年04月27日] 掲載	Feb. 17, 2018, 10:37 a.m.

NVD Vulnerability Information

CVE-2011-1146

Summary	libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.
Publication Date	March 16, 2011, 2:55 a.m.
Registration Date	Jan. 28, 2021, 4:38 p.m.
Last Update	Nov. 21, 2024, 10:25 a.m.

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:redhat:libvirt:0.8.8:::::::*

Related information, measures and tools

No	URL	タグ
1	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773	Patch
2	http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=71753cb7f7a16ff800381c0b5ee4e99eea92fed3
3	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056209.html
4	http://lists.opensuse.org/opensuse-updates/2011-04/msg00022.html
5	http://openwall.com/lists/oss-security/2011/03/09/3	Patch
6	http://openwall.com/lists/oss-security/2011/03/10/5	Patch
7	http://secunia.com/advisories/43670	Vendor Advisory
8	http://secunia.com/advisories/43780
9	http://secunia.com/advisories/43897
10	http://secunia.com/advisories/43917
11	http://secunia.com/advisories/44069
12	http://www.debian.org/security/2011/dsa-2194
13	http://www.redhat.com/support/errata/RHSA-2011-0391.html
14	http://www.securityfocus.com/bid/46820
15	http://www.securitytracker.com/id?1025262
16	http://www.ubuntu.com/usn/USN-1094-1
17	http://www.vupen.com/english/advisories/2011/0694
18	http://www.vupen.com/english/advisories/2011/0700
19	http://www.vupen.com/english/advisories/2011/0794
20	http://www.vupen.com/english/advisories/2011/0805
21	https://bugzilla.novell.com/show_bug.cgi?id=678406
22	https://bugzilla.redhat.com/show_bug.cgi?id=683650	Patch
23	https://exchange.xforce.ibmcloud.com/vulnerabilities/66012
24	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617773	Patch
25	https://exchange.xforce.ibmcloud.com/vulnerabilities/66012
26	https://bugzilla.redhat.com/show_bug.cgi?id=683650	Patch
27	https://bugzilla.novell.com/show_bug.cgi?id=678406
28	http://www.vupen.com/english/advisories/2011/0805
29	http://www.vupen.com/english/advisories/2011/0794
30	http://www.vupen.com/english/advisories/2011/0700
31	http://www.vupen.com/english/advisories/2011/0694
32	http://www.ubuntu.com/usn/USN-1094-1
33	http://www.securitytracker.com/id?1025262
34	http://www.securityfocus.com/bid/46820
35	http://www.redhat.com/support/errata/RHSA-2011-0391.html
36	http://www.debian.org/security/2011/dsa-2194
37	http://secunia.com/advisories/44069
38	http://secunia.com/advisories/43917
39	http://secunia.com/advisories/43897
40	http://secunia.com/advisories/43780
41	http://secunia.com/advisories/43670	Vendor Advisory
42	http://openwall.com/lists/oss-security/2011/03/10/5	Patch
43	http://openwall.com/lists/oss-security/2011/03/09/3	Patch
44	http://lists.opensuse.org/opensuse-updates/2011-04/msg00022.html
45	http://lists.fedoraproject.org/pipermail/package-announce/2011-March/056209.html
46	http://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=71753cb7f7a16ff800381c0b5ee4e99eea92fed3

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-264	認可・権限・アクセス制御	https://cwe.mitre.org/data/definitions/264.html