CVE-2019-20485
Published: 19 March 2020
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
Notes
| Author | Note |
|---|---|
| mdeslaur | it appears this CVE is only for the suspend job because it is the only one that doesn't require write permissions. In libvirt in bionic and older, there was no support for running both agent monitor jobs and normal monitor jobs at the same. Support for doing so was introduced in the following commit: https://gitlab.com/libvirt/libvirt/-/commit/4621350f6d3dbca57bbd97829ff5d4efc3a51c97 As such, it would not appear that a malicious guest agent would be able to block jobs in bionic and earlier, so marking as not-affected. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
libvirt Launchpad, Ubuntu, Debian |
bionic |
Not vulnerable
(4.0.0-1ubuntu8.17)
|
| eoan |
Ignored
(end of life)
|
|
| focal |
Not vulnerable
(6.0.0-0ubuntu4)
|
|
| trusty |
Not vulnerable
|
|
| upstream |
Needs triage
|
|
| xenial |
Not vulnerable
(1.3.1-1ubuntu10.30)
|
|
|
Patches: upstream: https://libvirt.org/git/?p=libvirt.git;a=commit;h=cc1d1dbbd5fa18876a5ca8ac99a991b32ad49409 upstream: https://libvirt.org/git/?p=libvirt.git;a=commit;h=a663a860819287e041c3de672aad1d8543098ecc |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.7 |
| Attack vector | Adjacent |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |