[ubuntu/jammy-security] libvirt 8.0.0-1ubuntu7.15 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Thu Jan 8 12:45:36 UTC 2026 

libvirt (8.0.0-1ubuntu7.15) jammy-security; urgency=medium

  * SECURITY UPDATE: memory consumption DoS via XML parsing
    - debian/patches/CVE-2025-12748-pre1.patch: move unlinking corrupt save
      image file to caller in src/qemu/qemu_driver.c,
      src/qemu/qemu_saveimage.c, src/qemu/qemu_saveimage.h,
      src/qemu/qemu_snapshot.c.
    - debian/patches/CVE-2025-12748-pre2.patch: decompose qemuSaveImageOpen
      in src/qemu/qemu_driver.c, src/qemu/qemu_saveimage.c,
      src/qemu/qemu_saveimage.h, src/qemu/qemu_snapshot.c
    - debian/patches/CVE-2025-12748-pre3.patch: check for valid save image
      format when verifying image header in src/qemu/qemu_saveimage.c.
    - debian/patches/CVE-2025-12748-1.patch: add virDomainDefIDsParseString
      in src/conf/domain_conf.c, src/conf/domain_conf.h,
      src/libvirt_private.syms.
    - debian/patches/CVE-2025-12748-2.patch: check ACLs before parsing the
      whole domain XML in src/bhyve/bhyve_driver.c.
    - debian/patches/CVE-2025-12748-3.patch: check ACLs before parsing the
      whole domain XML in src/libxl/libxl_driver.c,
    - debian/patches/CVE-2025-12748-4.patch: check ACLs before parsing the
      whole domain XML in src/lxc/lxc_driver.c.
    - debian/patches/CVE-2025-12748-5.patch: check ACLs before parsing the
      whole domain XML in src/vz/vz_driver.c.
    - debian/patches/CVE-2025-12748-6.patch: check ACLs before parsing the
      whole domain XML in src/ch/ch_driver.c.
    - debian/patches/CVE-2025-12748-7.patch: check ACLs before parsing the
      whole domain XML in src/qemu/qemu_driver.c,
      src/qemu/qemu_migration.c, src/qemu/qemu_migration.h,
      src/qemu/qemu_saveimage.c, src/qemu/qemu_saveimage.h,
      src/qemu/qemu_snapshot.c.
    - debian/patches/CVE-2025-12748-8.patch: fix typo in bhyve driver in
      src/bhyve/bhyve_driver.c.
    - CVE-2025-12748
  * SECURITY UPDATE: incorrect world-readable permissions on snapshots
    - debian/patches/CVE-2025-13193.patch: set umask for qemu-img when
      creating external inactive snapshots in src/qemu/qemu_snapshot.c.
    - CVE-2025-13193

libvirt (8.0.0-1ubuntu7.14) jammy; urgency=medium

  * d/p/u-aa/lp2120278-* : virt-aa-helper: Avoid duplicate when append rule
    (LP: #2120278)

libvirt (8.0.0-1ubuntu7.13) jammy; urgency=medium

  * d/p/u/lp-2117467-virdevmapper-device-name-for-targets.patch:
    virdevmapper: Always use device name for finding targets. This ensures
    that all the target devices of a multipath device are added to the
    namespace/cgroup of the guest domain.
    Closes LP: #2117467.

libvirt (8.0.0-1ubuntu7.12) jammy; urgency=medium

  * d/p/u/lp2106812-cpu_map-Drop-mpx-from-x86-cpu-models.patch:
    Memory protection extensions (MPX) were introduced in Intel Skylake
    generation CPUs and provided hardware support for bound checking. This
    feature will not be supported in Intel CPUs beginning with the Ice Lake
    generation. Remove missing mpx feature so that libvirts detects correctly
    CPU models (Icelake, ..) instead of the old Blackwell (LP: #2106812)

libvirt (8.0.0-1ubuntu7.11) jammy; urgency=medium

  * d/p/u/lp-2077336-drop-tpm-tis-arch-validation-*.patch: Drop tpm-tis
    validation and fix armv7l VM creation. (LP: #2077336)

Date: 2025-12-08 19:34:11.751919+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/libvirt/8.0.0-1ubuntu7.15
-------------- next part --------------
Sorry, changesfile not available.

More information about the jammy-changes mailing list