Ubuntu Security Notice USN-694-1
17th December, 2008
libvirt vulnerability
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 8.10
- Ubuntu 8.04 LTS
- Ubuntu 7.10
Software description
- libvirt
Details
It was discovered that libvirt did not mark certain operations as read-only. A
local attacker may be able to perform privileged actions such as migrating
virtual machines, adjusting autostart flags, or accessing privileged data in
the virtual machine memory and disks.
Update instructions
The problem can be corrected by updating your system to the following package version:
- Ubuntu 8.10:
- libvirt0 0.4.4-3ubuntu3.1
- Ubuntu 8.04 LTS:
- libvirt0 0.4.0-2ubuntu8.1
- Ubuntu 7.10:
- libvirt0 0.3.0-0ubuntu2.1
To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.
In general, a standard system upgrade is sufficient to effect the
necessary changes.