libvirt: leak of /dev/mapper/control into QEMU guests (CVE-2020-14339)
It was discovered that libvirt is accidentally leaking a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to be made against device mapper on the host. Thus a malicious QEMU has the potential to do serious damage to the host OS.
Fixed In Version:
libvirt 6.6.0
Reference:
https://security-tracker.debian.org/tracker/CVE-2020-14339
Patch:
https://libvirt.org/git/?p=libvirt.git;a=commit;h=22494556542c676d1b9e7f1c1f2ea13ac17e1e3e
Affected branches:
-
master (b6d5feed) -
3.12-stable
Edited by Francesco Colista