20 matches found
EUVD-2011-2170
Malware in sbrugna...
openSUSE Security Update : libvirt (openSUSE-SU-2010:0625-1)
libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...
Design/Logic Flaw
The virSecurityManagerGetPrivateData function in security/securitymanager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary...
CVE-2011-2178
The virSecurityManagerGetPrivateData function in security/securitymanager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary...
Ubuntu: Security Advisory (USN-1152-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu Update for libvirt regression USN-1008-4
Ubuntu Update for Linux kernel vulnerabilities USN-1008-4 OpenVAS Vulnerability Test $Id: gbubuntuUSN10084.nasl 7965 2017-12-01 07:38:25Z santu $ Ubuntu Update for libvirt regression USN-1008-4 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH,...
Ubuntu: Security Advisory (USN-1008-4)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 10.04 LTS : libvirt regression (USN-1008-4)
USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify 'hostdevice' as the qemu sub-type. While libvirt 0.8.3 and later will longer support specifying this sub-type, this update restores the old...
USN-1008-4: libvirt regression
USN-1008-1 fixed vulnerabilities in libvirt. The upstream fixes for CVE-2010-2238 changed the behavior of libvirt such that the domain XML could not specify 'hostdevice' as the qemu sub-type. While libvirt 0.8.3 and later will longer support specifying this sub-type, this update restores the old...
[USN-1008-1] libvirt vulnerabilities
=========================================================== Ubuntu Security Notice USN-1008-1 October 21, 2010 libvirt vulnerabilities CVE-2010-2237, CVE-2010-2238, CVE-2010-2239, CVE-2010-2242 =========================================================== A security issue affects the following Ubun...
Ubuntu 10.04 LTS : libvirt update (USN-1008-3)
USN-1008-1 fixed vulnerabilities in libvirt. The update for Ubuntu 10.04 LTS reverted a recent bug fix update. This update fixes the problem. We apologize for the inconvenience. It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A...
Ubuntu 10.04 LTS : virtinst update (USN-1008-2)
Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to 'raw' when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not...
Ubuntu 8.04 LTS / 9.04 / 9.10 / 10.04 LTS : libvirt vulnerabilities (USN-1008-1)
It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor...
Ubuntu: Security Advisory (USN-1008-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-1008-2: Virtinst update
Libvirt in Ubuntu 10.04 LTS now no longer probes qemu disks for the image format and defaults to 'raw' when the format is not specified in the XML. This change in behavior breaks virt-install --import because virtinst in Ubuntu 10.04 LTS did not allow for specifying a disk format and does not...
USN-1008-1: libvirt vulnerabilities
It was discovered that libvirt would probe disk backing stores without consulting the defined format for the disk. A privileged attacker in the guest could exploit this to read arbitrary files on the host. This issue only affected Ubuntu 10.04 LTS. By default, guests are confined by an AppArmor...
openSUSE Security Update : libvirt (openSUSE-SU-2010:0620-1)
libvirt did not properly handle configured disk formats which potenially allowed users to read arbitrary files CVE-2010-2237, CVE-2010-2238, CVE-2010-2239 Improperly mapped source privileged ports in guests may allow obtaining privileged resources on the host CVE-2010-2242. %NASLMINLEVEL 70300 C...
CVE-2010-2238
The CVE-2010-2238 entry affects Red Hat libvirt (likely 0.7.2 through 0.8.2). The issue arises because libvirt recurses into disk-image backing stores without extracting the defined disk backing-store format, which may allow a guest OS user to read arbitrary host files and potentially other impac...
Fedora Update for libvirt FEDORA-2010-11021
Check for the Version of libvirt OpenVAS Vulnerability Test Fedora Update for libvirt FEDORA-2010-11021 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Fedora Update for libvirt FEDORA-2010-10960
The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...