[SECURITY] [DLA 1315-1] libvirt security update

ID DEBIAN:DLA-1315-1:7AA85
Type debian
Reporter Debian
Modified 2018-03-24T16:25:06


Package : libvirt Version : CVE ID : CVE-2018-1064 CVE-2018-5748 Debian Bug : 887700

Daniel P. Berrange and Peter Krempa of Red Hat discovered a flaw in libvirt, a virtualization API. A lack of restriction for the amount of data read by QEMU Monitor socket can lead to a denial of service by exhaustion of memory resources.

For Debian 7 "Wheezy", these problems have been fixed in version

We recommend that you upgrade your libvirt packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS