Package: autopkgtest Version: 5.10 Severity: normal File: /usr/bin/autopkgtest-virt-qemu Tags: patch User: de...@kali.org Usertags: origin-kali kali-patch
When qemu is run by autopkgtest-virt-qemu, it will happily forward the SSH port of the test VM to all network interfaces. I'm not quite sure what's the purpose of this port forward (I thought everything happened over serial terminals), but IMO it should really be restricted to localhost only. Here's the (untested & trivial) patch: --- /usr/bin/autopkgtest-virt-qemu 2019-02-25 15:05:15.000000000 +0100 +++ /tmp/autopkgtest-virt-qemu 2019-06-28 15:02:38.942235854 +0200 @@ -540,7 +540,7 @@ ssh_port = find_free_port(10022) if ssh_port: adtlog.debug('Forwarding local port %i to VM ssh port 22' % ssh_port) - nic_opt = ',hostfwd=tcp::%i-:22' % ssh_port + nic_opt = ',hostfwd=tcp:127.0.0.1:%i-:22' % ssh_port else: nic_opt = '' -- System Information: Debian Release: 10.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 'oldstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8), LANGUAGE=fr_FR.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages autopkgtest depends on: ii apt-utils 1.8.2 ii libdpkg-perl 1.19.7 ii procps 2:3.3.15-2 ii python3 3.7.3-1 ii python3-debian 0.1.35 Versions of packages autopkgtest recommends: ii autodep8 0.18 Versions of packages autopkgtest suggests: pn lxc <none> pn lxd <none> ii ovmf 0~20181115.85588389-3 pn qemu-efi-aarch64 <none> pn qemu-efi-arm <none> pn qemu-system <none> ii qemu-utils 1:3.1+dfsg-8 ii schroot 1.6.10-6+b1 ii vmdb2 0.13.2+git20190215-1 -- no debconf information