These APIs can be used to execute arbitrary emulators. Forbid them on read-only connections.
Fixes: CVE-2019-10168 Signed-off-by: Ján Tomko <[email protected]> Reviewed-by: Daniel P. Berrangé <[email protected]> --- src/libvirt-host.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/libvirt-host.c b/src/libvirt-host.c index e20d6ee250..2978825d22 100644 --- a/src/libvirt-host.c +++ b/src/libvirt-host.c @@ -1041,6 +1041,7 @@ virConnectCompareHypervisorCPU(virConnectPtr conn, virCheckConnectReturn(conn, VIR_CPU_COMPARE_ERROR); virCheckNonNullArgGoto(xmlCPU, error); + virCheckReadOnlyGoto(conn->flags, error); if (conn->driver->connectCompareHypervisorCPU) { int ret; @@ -1234,6 +1235,7 @@ virConnectBaselineHypervisorCPU(virConnectPtr conn, virCheckConnectReturn(conn, NULL); virCheckNonNullArgGoto(xmlCPUs, error); + virCheckReadOnlyGoto(conn->flags, error); if (conn->driver->connectBaselineHypervisorCPU) { char *cpu; -- 2.20.1 -- libvir-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/libvir-list
