Lucene search
K

200 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 3:48 a.m.5 views

SUSE CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

4.3CVSS7.1AI score0.00493EPSS
Exploits1References7
Rockylinux
Rockylinux
added 2023/01/12 8:25 a.m.27 views

selinux-policy bug fix and enhancement update

An update is available for selinux-policy. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The selinux-policy packages contain the rules that govern how confined...

2.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2022/12/16 12:0 a.m.68 views

Oracle Linux 8 : virt:kvm_utils (ELSA-2022-10093)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-10093 advisory. hivex libguestfs 1.40.2-28.0.4 - v2v: Cope with libvirt vpx/esx driver which does not set Orabug: 34026544 1.40.2-28.0.3 - virt-v2v: Specify backing file forma...

6.3CVSS7.1AI score0.00493EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2022/12/06 12:0 a.m.44 views

Oracle Linux 7 : libvirt (ELSA-2022-10062)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-10062 advisory. - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 Tenable has extracted the preceding description block directly...

6.3CVSS7.1AI score0.00493EPSS
Exploits1References2
OSV
OSV
added 2022/12/01 1:8 a.m.9 views

USN-5753-1 snapd vulnerability

The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code...

7.8CVSS7.3AI score0.00384EPSS
Exploits2References2
OSV
OSV
added 2022/11/30 12:0 a.m.7 views

UBUNTU-CVE-2022-3328

Race condition in snap-confine's mustmkdirandopenwithperms...

7.8CVSS7.2AI score0.00384EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2022/07/15 12:0 a.m.57 views

EulerOS Virtualization 2.10.1 : libvirt (EulerOS-SA-2022-2073)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited...

6.5CVSS6.9AI score0.01366EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2022/07/14 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2073)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS6.8AI score0.01366EPSS
Exploits1References2
OSV
OSV
added 2022/05/23 9:5 a.m.5 views

SUSE-SU-2022:1804-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: - CVE-2022-1552: Confine additional operations within 'security restricted operation' sandboxes bsc1199475...

8.8CVSS8.7AI score0.12403EPSS
Exploits0References3
OSV
OSV
added 2022/05/02 5:1 p.m.10 views

USN-5399-1 libvirt vulnerabilities

It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. CVE-2021-3667 It was discovered that libvirt...

7.2CVSS6.8AI score0.01366EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2022/05/02 12:0 a.m.40 views

Ubuntu 18.04 LTS / 20.04 LTS : libvirt vulnerabilities (USN-5399-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5399-1 advisory. It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvir...

7.2CVSS6.6AI score0.01366EPSS
Exploits1References7
Microsoft CVE
Microsoft CVE
added 2022/03/11 8:0 a.m.2 views

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality and integrity.

...

6.3CVSS7.3AI score0.00493EPSS
Exploits1
OSV
OSV
added 2022/03/02 11:15 p.m.1 views

DEBIAN-CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.3CVSS6.7AI score0.00493EPSS
Exploits1References1
OSV
OSV
added 2022/03/02 11:15 p.m.3 views

UBUNTU-CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.3CVSS6.8AI score0.00493EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2022/03/02 12:0 a.m.29 views

CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.9AI score0.00493EPSS
Exploits1References7
CVE
CVE
added 2022/03/02 12:0 a.m.243 views

CVE-2021-3631

CVE-2021-3631 affects libvirt: flaw in SELinux MCS category pair generation for VM dynamic labels allows a guest to access files labeled for another guest, breaking sVirt confinement and impacting confidentiality/integrity. Connected advisories confirm libvirt remediation via package upgrades (no...

6.3CVSS6.2AI score0.00493EPSS
Exploits1References7Affected Software1
Cvelist
Cvelist
added 2022/03/02 12:0 a.m.39 views

CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.5AI score0.00493EPSS
Exploits1References7
Debian CVE
Debian CVE
added 2022/03/02 12:0 a.m.52 views

CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.3CVSS6.4AI score0.00493EPSS
Exploits1
Snyk
Snyk
added 2022/02/18 2:30 p.m.3 views

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass due to failure to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layou...

8.2CVSS5.7AI score0.00437EPSS
Exploits1References2
Snyk
Snyk
added 2022/02/18 2:30 p.m.7 views

Access Restriction Bypass

Overview Affected versions of this package are vulnerable to Access Restriction Bypass due to failure to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layou...

8.2CVSS5.7AI score0.00437EPSS
Exploits1References2
Rows per page
Query Builder