These APIs can be used to execute arbitrary emulators.
Forbid them on read-only connections.
Fixes: CVE-2019-10168
Signed-off-by: Ján Tomko <jtomko@xxxxxxxxxx>
Reviewed-by: Daniel P. Berrangé <berrange@xxxxxxxxxx>
---
src/libvirt-host.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/libvirt-host.c b/src/libvirt-host.c
index e20d6ee250..2978825d22 100644
--- a/src/libvirt-host.c
+++ b/src/libvirt-host.c
@@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn,
virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR);
virCheckNonNullArgGoto(xmlCPU, error);
+ virCheckReadOnlyGoto(conn->flags, error);
if (conn->driver->connectCompareHypervisorCPU) {
int ret;
@@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn,
virCheckConnectReturn(conn, NULL);
virCheckNonNullArgGoto(xmlCPUs, error);
+ virCheckReadOnlyGoto(conn->flags, error);
if (conn->driver->connectBaselineHypervisorCPU) {
char *cpu;
--
2.20.1
--
libvir-list mailing list
libvir-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/libvir-list
