Lucene search

K
oraclelinuxOracleLinuxELSA-2020-4000
HistoryOct 06, 2020 - 12:00 a.m.

libvirt security and bug fix update

2020-10-0600:00:00
linux.oracle.com
11

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

[4.5.0-36]

  • virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support (rhbz#1823976)
  • virDevMapperGetTargetsImpl: quit early if device is not a devmapper target (rhbz#1823976)
    [4.5.0-35]
  • qemu: dont take agent and monitor job for shutdown (CVE-2019-20485)
  • qemu: dont hold a monitor and agent job for reboot (CVE-2019-20485)
  • qemu: dont hold monitor and agent job when setting time (CVE-2019-20485)
  • qemu: remove use of qemuDomainObjBeginJobWithAgent() (CVE-2019-20485)
  • qemu: remove qemuDomainObjBegin/EndJobWithAgent() (CVE-2019-20485)
  • storage: Fix daemon crash on lookup storagepool by targetpath (CVE-2020-10703)
    [4.5.0-34]
  • vmx: shortcut earlier few ‘ignore’ cases in virVMXParseDisk() (rhbz#1815269)
  • vmx: make ‘fileName’ optional for CD-ROMs (rhbz#1815269)
  • RHEL: Fix migration on AMD hosts with old QEMU (rhbz#1815572)

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P