What were you trying to do that didn't work?

libvirt-ssh-proxy doesn't check whether domain is running before extracting its VSOCK CID. This means, that the inactive domain XML may contain CID of another (running) domain.

What is the impact of this issue to you?

Please provide the package NVR for which the bug is seen:

How reproducible is this bug?:

Steps to reproduce

1.  Start 2 VMs, both with:
   <vsock model="virtio">
    <cid auto="yes" address="3"/>
   </vsock>

1.  Verify, that VMs have different CID addresses (e.g. 3 and 4)
   virsh dumpxml $dom --xpath //vsock/cid

1.  shut down the domain which got different CID
2.  ssh qemu/$dom
3. Observe SSH complaining about key mismatch

Expected results

Actual results

NB, this issue was reported on the upstream tracker: https://gitlab.com/libvirt/libvirt/-/issues/737