From d7ed2b01311f15ba54fe8ea872aab7d59ab2b193 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Fri, 29 Jan 2021 18:03:51 +0000 Subject: gentoo resync : 29.01.2021 --- metadata/glsa/glsa-202101-22.xml | 42 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) create mode 100644 metadata/glsa/glsa-202101-22.xml (limited to 'metadata/glsa/glsa-202101-22.xml') diff --git a/metadata/glsa/glsa-202101-22.xml b/metadata/glsa/glsa-202101-22.xml new file mode 100644 index 000000000000..36a94ff168ac --- /dev/null +++ b/metadata/glsa/glsa-202101-22.xml @@ -0,0 +1,42 @@ + + + + libvirt: Unintended access to /dev/mapper/control + A vulnerability in libvirt may allow root privilege escalation. + libvirt + 2021-01-26 + 2021-01-26 + 739948 + local + + + 6.7.0 + 6.7.0 + + + +

libvirt is a C toolkit for manipulating virtual machines.

+ + +

A file descriptor for /dev/mapper/control was insufficiently protected.

+ + +

A local attacker may be able to escalate to root privileges.

+ + +

There is no known workaround at this time.

+ + +

All libvirt users should upgrade to the latest version:

+ + + # emerge --sync + # emerge --ask --oneshot --verbose ">=app-emulation/libvirt-6.7.0" + + + + CVE-2020-14339 + + sam_c + sam_c + -- cgit v1.2.3