PublicDateAtUSN: 2020-10-06 14:15:00 UTC Candidate: CVE-2020-25637 PublicDate: 2020-10-06 14:15:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25637 https://ubuntu.com/security/notices/USN-5399-1 Description: A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. Ubuntu-Description: Notes: mdeslaur> Read-only clients can't exploit this flaw. mdeslaur> Clients connecting to the read-write socket can exploit this to mdeslaur> crash libvirt or possibly execute code, but on Ubuntu, mdeslaur> access to the read-write socket already grants root-equivalent mdeslaur> permissions, so this flaw has limited impact. Setting priority mdeslaur> to negligible. Mitigation: Bugs: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971555 Priority: negligible Discovered-by: Assigned-to: mdeslaur CVSS: nvd: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H [6.7 MEDIUM] Patches_libvirt: upstream: https://github.com/libvirt/libvirt/commit/955029bd0ad7ef96000f529ac38204a8f4a96401 (v6.8.0) upstream: https://github.com/libvirt/libvirt/commit/50864dcda191eb35732dbd80fb6ca251a6bba923 (v6.8.0) upstream: https://github.com/libvirt/libvirt/commit/e4116eaa44cb366b59f7fe98f4b88d04c04970ad (v6.8.0) upstream: https://github.com/libvirt/libvirt/commit/a63b48c5ecef077bf0f909a85f453a605600cf05 (v6.8.0) upstream_libvirt: released (6.8.0-1) precise/esm_libvirt: ignored (end of ESM support, was needed) trusty_libvirt: ignored (out of standard support) trusty/esm_libvirt: needed xenial_libvirt: ignored (end of standard support, was needed) esm-infra/xenial_libvirt: needed bionic_libvirt: released (4.0.0-1ubuntu8.21) focal_libvirt: released (6.0.0-0ubuntu8.16) groovy_libvirt: ignored (reached end-of-life) hirsute_libvirt: not-affected (6.8.0-1) impish_libvirt: not-affected (6.8.0-1) jammy_libvirt: not-affected (6.8.0-1) devel_libvirt: not-affected (6.8.0-1)