34 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-20485
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of...
Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12792)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12792 advisory. - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves:...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12604)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12604 advisory. - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves: rhbz2045718 - Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. -...
Oracle Linux 7 : libvirt (ELSA-2020-5674)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5674 advisory. - qemu: don't hold both jobs for suspend Jonathon Jongsma Orabug: 31073098 CVE-2019-20485 Tenable has extracted the preceding description block directly from th...
AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2020:4676)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4676 advisory. libvirt: leak of /dev/mapper/control into QEMU guests CVE-2020-14339 QEMU: Slirp: use-after-free during packet reassembly CVE-2019-15890 libvirt: Potentia...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2020:4676)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4676 advisory. - QEMU: Slirp: use-after-free during packet reassembly CVE-2019-15890 - libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent...
libvirt security update
5.7.0-21.el7 - exadata: Fix the validation when defining domain groups Wim ten Have Orabug: 32085856 - Revert 'qemu: dont take agent and monitor job for shutdown' Menno Lageman Orabug: 32080283 - Revert 'qemu: dont hold a monitor and agent job for reboot' Menno Lageman Orabug: 32080283 - Revert...
Amazon Linux 2 : libvirt (ALAS-2020-1557)
The version of libvirt installed on the remote host is prior to 4.5.0-36. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1557 advisory. A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest...
Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2020:4676)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4676 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
ALSA-2020:4676 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
RLSA-2020:4676 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...
Scientific Linux Security Update : libvirt on SL7.x x86_64 (20201001)
Security Fixes : - libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent CVE-2019-20485 - libvirt: Potential denial of service via active pool without target path CVE-2020-10703 C Tenable Network Security, Inc. The descriptive text is C Scientific Linux...
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2020-2209)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 7 : libvirt (RHSA-2020:4000)
The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4000 advisory. - qemu/qemudriver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a...
libvirt security and bug fix update
4.5.0-36 - virDevMapperGetTargetsImpl: Be tolerant to kernels without DM support rhbz1823976 - virDevMapperGetTargetsImpl: quit early if device is not a devmapper target rhbz1823976 4.5.0-35 - qemu: dont take agent and monitor job for shutdown CVE-2019-20485 - qemu: dont hold a monitor and agent...
RHEL 7 : libvirt (RHSA-2020:4000)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4000 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems...
Updated libvirt packages fix security vulnerability
Updated libvirt packages fix security vulnerability: A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this...