Lucene search
+L

33 matches found

OSV
OSV
added 2018/04/03 2:46 p.m.7 views

SUSE-SU-2018:0861-1 Security update for libvirt

This update for libvirt fixes the following issues: Security issues fixed: - CVE-2017-5715: Fixes for speculative side channel attacks aka 'SpectreAttack' var2 bsc1079869. - CVE-2018-6764: Fixed guest executable code injection via libnssdns.so loaded by libvirtlxc before init bsc1080042. -...

7.8CVSS7AI score0.74041EPSS
Exploits9References9
OSV
OSV
added 2018/02/20 7:20 p.m.4 views

USN-3576-1 libvirt vulnerabilities

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.0...

9.8CVSS7AI score0.03623EPSS
Exploits0References5
OSV
OSV
added 2018/02/07 1:46 p.m.8 views

SUSE-SU-2018:0385-1 Security update for libvirt

This update for libvirt provides several fixes. This security issue was fixed: - CVE-2018-5748: Prevent resource exhaustion via qemuMonitorIORead method which allowed to cause DoS bsc1076500. These security issues were fixed: - Add a qemu hook script providing functionality similar to Xen's...

7.5CVSS6.5AI score0.03175EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2016/01/13 12:0 a.m.44 views

Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2867-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2867-1 advisory. It was discovered that libvirt incorrectly handled the firewall rules on bridge networks when the daemon was restarted. This could result in an unintende...

6.5CVSS6.3AI score0.01802EPSS
Exploits0References6
OSV
OSV
added 2016/01/12 6:6 p.m.7 views

USN-2867-1 libvirt vulnerabilities

It was discovered that libvirt incorrectly handled the firewall rules on bridge networks when the daemon was restarted. This could result in an unintended firewall configuration. This issue only applied to Ubuntu 12.04 LTS. CVE-2011-4600 Peter Krempa discovered that libvirt incorrectly handled...

6.5CVSS6.5AI score0.01802EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2015/06/02 12:0 a.m.11 views

Vulnerabilities of the Red Hat Enterprise Linux operating system that allow attackers to compromise the confidentiality, integrity, and accessibility of protected information

The libvirt-0.10.2 package of the Red Hat Enterprise Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information...

6.8CVSS6.8AI score0.02791EPSS
Exploits0References4
OSV
OSV
added 2014/11/11 4:32 p.m.6 views

USN-2404-1 libvirt vulnerabilities

Pavel Hrdina discovered that libvirt incorrectly handled locking when processing the virConnectListAllDomains command. An attacker could use this issue to cause libvirtd to hang, resulting in a denial of service. CVE-2014-3657 Eric Blake discovered that libvirt incorrectly handled permissions whe...

5CVSS6.8AI score0.02791EPSS
Exploits0References3
OSV
OSV
added 2014/09/30 5:41 p.m.4 views

USN-2366-1 libvirt vulnerabilities

Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if...

5.8CVSS6.9AI score0.02751EPSS
Exploits0References4
OSV
OSV
added 2014/05/29 7:1 a.m.12 views

MGASA-2014-0243 Updated libvirt packages fix multiple vulnerabilities

Updated libvirt packages fix security vulnerabilities: The LXC driver lxc/lxcdriver.c in libvirt 1.0.1 through 1.2.1 allows local users to 1 delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; 2 create arbitrary nodes mknod via the...

5.8CVSS8.2AI score0.00573EPSS
Exploits0References7
OSV
OSV
added 2014/05/08 2:29 p.m.16 views

PYSEC-2014-112

The instance rescue mode in OpenStack Compute Nova 2013.2 before 2013.2.3 and Icehouse before 2014.1, when using libvirt to spawn images and usecowimages is set to false, allows remote authenticated users to read certain compute host files by overwriting an instance disk with a crafted image...

3.5CVSS5.9AI score0.01488EPSS
Exploits0References3
OSV
OSV
added 2013/09/30 9:55 p.m.7 views

CVE-2013-4291

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges...

8.2AI score
Exploits0References4
OSV
OSV
added 2011/05/31 8:55 p.m.8 views

CVE-2011-1486

libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service crash by causing multiple threads to report errors at the same time...

6.3AI score
Exploits0References11
OpenVAS
OpenVAS
added 2010/10/22 12:0 a.m.19 views

Ubuntu Update for libvirt vulnerabilities USN-1008-1

Ubuntu Update for Linux kernel vulnerabilities USN-1008-1 OpenVAS Vulnerability Test $Id: gbubuntuUSN10081.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libvirt vulnerabilities USN-1008-1 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...

4.4CVSS6.6AI score0.00423EPSS
Exploits0References2
Rows per page
Query Builder