发布于3月6日3月6日 超级管理员 Alma Linux: CVE-2023-3750: Moderate: libvirt security, bug fix, and enhancement update (ALSA-2023-6409) Severity 6 CVSS (AV:N/AC:M/Au:S/C:N/I:N/A:C) Published 07/24/2023 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to crash the libvirt daemon. Solution(s) alma-upgrade-libvirt alma-upgrade-libvirt-client alma-upgrade-libvirt-client-qemu alma-upgrade-libvirt-daemon alma-upgrade-libvirt-daemon-common alma-upgrade-libvirt-daemon-config-network alma-upgrade-libvirt-daemon-config-nwfilter alma-upgrade-libvirt-daemon-driver-interface alma-upgrade-libvirt-daemon-driver-network alma-upgrade-libvirt-daemon-driver-nodedev alma-upgrade-libvirt-daemon-driver-nwfilter alma-upgrade-libvirt-daemon-driver-qemu alma-upgrade-libvirt-daemon-driver-secret alma-upgrade-libvirt-daemon-driver-storage alma-upgrade-libvirt-daemon-driver-storage-core alma-upgrade-libvirt-daemon-driver-storage-disk alma-upgrade-libvirt-daemon-driver-storage-iscsi alma-upgrade-libvirt-daemon-driver-storage-logical alma-upgrade-libvirt-daemon-driver-storage-mpath alma-upgrade-libvirt-daemon-driver-storage-rbd alma-upgrade-libvirt-daemon-driver-storage-scsi alma-upgrade-libvirt-daemon-kvm alma-upgrade-libvirt-daemon-lock alma-upgrade-libvirt-daemon-log alma-upgrade-libvirt-daemon-plugin-lockd alma-upgrade-libvirt-daemon-plugin-sanlock alma-upgrade-libvirt-daemon-proxy alma-upgrade-libvirt-devel alma-upgrade-libvirt-docs alma-upgrade-libvirt-libs alma-upgrade-libvirt-nss References https://attackerkb.com/topics/cve-2023-3750 CVE - 2023-3750 https://errata.almalinux.org/9/ALSA-2023-6409.html
参与讨论
你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。
注意:你的帖子需要版主批准后才能看到。