25 matches found
Mageia: Security Advisory (MGASA-2014-0401)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0357-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2015:0241-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle: Security Advisory (ELSA-2014-1873)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Oracle Linux 7 : libvirt (ELSA-2015-0323)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-0323 advisory. - qemu: migration: Unlock vm on failed ACL check in protocol v2 APIs CVE-2014-8136 - CVE-2015-0236: qemu: Check ACLs when dumping security info from sa...
Fedora Update for libvirt FEDORA-2015-1883
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[USN-2404-1] libvirt vulnerabilities
========================================================================== Ubuntu Security Notice USN-2404-1 November 11, 2014 libvirt vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: ...
Fedora 20 : libvirt-1.1.3.8-1.fc20 (2014-15228)
Rebased to version 1.1.3.8 - CVE-2014-3633: out-of-bounds read in blockiotune bz 1160823 - CVE-2014-3657: Potential deadlock in domainconf bz 1160824 - CVE-2014-7823: information leak with migratable flag bz 1160822 Note that Tenable Network Security has extracted the preceding description block...
CentOS 6 : libvirt (CESA-2014:1873)
Updated libvirt packages that fix three security issues and one bug are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
RHEL 6 : libvirt (RHSA-2014:1873)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2014:1873 advisory. The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In...
libvirt security and bug fix update
0.10.2-46.0.1.el66.2 - Replace docs/et.png in tarball with blank image 0.10.2-46.el66.2 - qemu: allow restore with non-migratable XML input rhbz1155564 - qemu: Introduce qemuDomainDefCheckABIStability rhbz1155564 - Make ABI stability issue easier to debug rhbz1155564 - CVE-2014-3633: qemu:...
Ubuntu 14.04 LTS : libvirt vulnerabilities (USN-2404-1)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2404-1 advisory. Pavel Hrdina discovered that libvirt incorrectly handled locking when processing the virConnectListAllDomains command. An attacker could use this issue t...
Ubuntu: Security Advisory (USN-2404-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-2404-1: libvirt vulnerabilities
Pavel Hrdina discovered that libvirt incorrectly handled locking when processing the virConnectListAllDomains command. An attacker could use this issue to cause libvirtd to hang, resulting in a denial of service. CVE-2014-3657 Eric Blake discovered that libvirt incorrectly handled permissions whe...
openSUSE Security Update : libvirt (openSUSE-SU-2014:1293-1)
CVE-2014-3657: Fix domain deadlock fc22b2e7-CVE-2014-3657.patch bsc899484 - CVE-2014-3633: Use correct definition when looking up disk in qemu blkiotune 3e745e8f-CVE-2014-3633.patch bsc897783 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...
openSUSE Security Update : libvirt (openSUSE-SU-2014:1290-1)
CVE-2014-3657: Fix domain deadlock fc22b2e7-CVE-2014-3657.patch bsc899484 - CVE-2014-3633: Use correct definition when looking up disk in qemu blkiotune 3e745e8f-CVE-2014-3633.patch bsc897783 - spec: libvirt-daemon package owns /etc/libvirt, not libvirt-client bnc878056 %NASLMINLEVEL 70300 C...
Updated libvirt packages fix security vulnerbilities
Updated libvirt packages fix security vulnerabilities: An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune function looked up the disk index in a non-persistent live disk configuration while a persistent disk configuration was being indexed. A remote attacker able t...
CVE-2014-3657
The virDomainListPopulate function in conf/domainconf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service deadlock via a NULL value in the second parameter in the virConnectListAllDomains API command...
CVE-2014-3657
CVE-2014-3657 affects libvirt; the virDomainListPopulate in conf/domain_conf.c does not clean up the lock on the domain list, allowing a remote attacker to cause a denial of service via a NULL in the second parameter of virConnectListAllDomains. The advisory text indicates this vulnerability exis...
CentOS 7 : libvirt (CESA-2014:1352)
Updated libvirt packages that fix two security issues and one bug are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...