21 matches found
MiracleLinux 7 : libvirt-4.5.0-10.el7.10 (AXSA:2019-3893:07)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2019-3893:07 advisory. Security Fix - libvirt systemd Unit SocketMode virtlockd-admin-sock virtlogd-admin-sock CVE-2019-10132 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the...
Oracle Linux 7 : libvirt (ELSA-2019-4687)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-4687 advisory. - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug:...
SUSE: Security Advisory (SUSE-SU-2019:1490-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 8 : virt:rhel (CESA-2019:1268)
The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:1268 advisory. - libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter CVE-2019-10132 Note that Nessus has not tested for this issue but has...
Important: libvirt
Issue Overview: Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. CVE-2019-11091 Modern Intel microprocessors implement hardware-level micro-optimizations to...
Oracle Linux 8 : virt:rhel (ELSA-2019-1268)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1268 advisory. - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 - logging: restrict...
Oracle Linux 7 : libvirt (ELSA-2019-4714)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4714 advisory. - api: disallow virDomainSaveImageGetXMLDesc on read-only connections Jan Tomko Orabug: 29955742 CVE-2019-10161 - api: disallow...
Fedora Update for libvirt FEDORA-2019-9210998aaa
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Fedora 29 : libvirt (2019-9210998aaa)
CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API bz 1722463, bz 1720115 - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients bz 1722462, bz 1720114 - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API bz...
Ubuntu 18.10 / 19.04 : libvirt vulnerabilities (USN-4021-1)
Daniel P. Berrange discovered that libvirt incorrectly handled socket permissions. A local attacker could possibly use this issue to access libvirt. CVE-2019-10132 It was discovered that libvirt incorrectly performed certain permission checks. A remote attacker could possibly use this issue to...
libvirt security update
5.0.0-4.el7 - logging: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - locking: restrict sockets to mode 0600 Daniel P. Berrange Orabug: 29861433 CVE-2019-10132 - admin: reject clients unless their UID matches the current UID Daniel P. Berrange Orabug: 29861433...
CentOS Update for libvirt CESA-2019:1264 centos7
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Scientific Linux Security Update : libvirt on SL7.x x86_64 (20190523)
Security Fixes : - libvirt: wrong permissions in systemd admin-sock due to missing SocketMode parameter CVE-2019-10132 For more details about the security issues, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE pages listed in the References...
Fedora 30 : libvirt (2019-5f105dd2b6)
Fix systemd socket permissions CVE-2019-10132 The virtlockd-admin.socket, virtlogd-admin.sock, virtlockd.socket & virtlogd.socket units must be restarted, if currently running. This can be done with a host reboot or systemctl commands. Note that Tenable Network Security has extracted the precedin...
Oracle Linux 7 : libvirt (ELSA-2019-1264)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-1264 advisory. - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 Tenable has extracted th...
RHEL 7 : libvirt (RHSA-2019:1264)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1264 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In...
RHEL 8 : virt:rhel (RHSA-2019:1268)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:1268 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packag...
Important: Red Hat Security Advisory: libvirt security and bug fix update
An update for libvirt is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from t...
Important: Red Hat Security Advisory: virt:rhel security update
An update for the virt:rhel module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
libvirt security and bug fix update
4.5.0-10.0.1 - added librbd1 as dependency Keshav Sharma 4.5.0-10.el76.10 - virnwfilterbindingobj: Introduce and use virNWFilterBindingObjStealDef rhbz1702173 - admin: reject clients unless their UID matches the current UID CVE-2019-10132 - locking: restrict sockets to mode 0600 CVE-2019-10132 -...