DSA-2650-1 libvirt-bin -- files and device nodes ownership change to kvm groupID: oval:org.secpod.oval:def:600988 | Date: (C)2013-03-19 (M)2022-10-10 |
Class: PATCH | Family: unix |
Bastian Blank discovered that libvirtd, a daemon for management of virtual machines, network and storage, would change ownership of devices files so they would be owned by user `libvirt-qemu` and group `kvm`, which is a general purpose group not specific to libvirt, allowing unintended write access to those devices and files for the kvm group members.