Lucene search
+L

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2020-14339

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged...

8.8CVSS7.6AI score0.00416EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/02/09 12:0 a.m.51 views

AlmaLinux 8 : virt:rhel and virt-devel:rhel (ALSA-2020:4676)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2020:4676 advisory. libvirt: leak of /dev/mapper/control into QEMU guests CVE-2020-14339 QEMU: Slirp: use-after-free during packet reassembly CVE-2019-15890 libvirt: Potentia...

8.8CVSS7.1AI score0.04027EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2021/04/19 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2020:2233-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.8AI score0.00416EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2021/03/10 12:0 a.m.64 views

EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2021-1631)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting informati...

8.8CVSS6.9AI score0.02294EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2021/02/01 12:0 a.m.61 views

CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2020:4676)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2020:4676 advisory. - QEMU: Slirp: use-after-free during packet reassembly CVE-2019-15890 - libvirt: Potential DoS by holding a monitor job while querying QEMU guest-agent...

8.8CVSS7AI score0.04027EPSS
Exploits2References7
Tenable Nessus
Tenable Nessus
added 2021/01/26 12:0 a.m.38 views

GLSA-202101-22 : libvirt: Unintended access to /dev/mapper/control

The remote host is affected by the vulnerability described in GLSA-202101-22 libvirt: Unintended access to /dev/mapper/control A file descriptor for /dev/mapper/control was insufficiently protected. Impact : A local attacker may be able to escalate to root privileges. Workaround : There is no kno...

8.8CVSS7.8AI score0.00416EPSS
Exploits0References2
CVE
CVE
added 2020/12/03 12:0 a.m.319 views

CVE-2020-14339

CVE-2020-14339 describes a flaw in libvirt where a file descriptor for /dev/mapper/control is leaked into the QEMU process. This enables privileged operations against the host device-mapper, allowing a malicious guest user or process to perform actions outside normal permissions and potentially d...

8.8CVSS8.1AI score0.00416EPSS
Exploits0References3Affected Software2
RedHat Linux
RedHat Linux
added 2020/11/04 1:30 a.m.78 views

Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.8CVSS6.8AI score0.04027EPSS
Exploits2References28
Tenable Nessus
Tenable Nessus
added 2020/11/04 12:0 a.m.45 views

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2020:4676)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:4676 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...

8.8CVSS7.2AI score0.04027EPSS
Exploits2References36
AlmaLinux
AlmaLinux
added 2020/11/03 12:26 p.m.84 views

Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

8.8CVSS7.2AI score0.04027EPSS
Exploits2References7
OSV
OSV
added 2020/11/03 12:26 p.m.63 views

RLSA-2020:4676 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...

8.8CVSS7.5AI score0.04027EPSS
Exploits2References27
OSV
OSV
added 2020/11/03 12:26 p.m.34 views

ALSA-2020:4676 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

8.8CVSS7.5AI score0.04027EPSS
Exploits2References7
OpenVAS
OpenVAS
added 2020/09/20 12:0 a.m.29 views

openSUSE: Security Advisory for libvirt (openSUSE-SU-2020:1455-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

8.8CVSS8.8AI score0.00416EPSS
Exploits0References2
OSV
OSV
added 2020/09/19 12:20 p.m.9 views

OPENSUSE-SU-2020:1455-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. bsc1161883, bsc1174458 This update was imported from the SUSE:SLE-15-SP2:Update update project...

8.8CVSS9.1AI score0.00416EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2020/09/01 9:42 a.m.91 views

Important: Red Hat Security Advisory: virt:8.2 and virt-devel:8.2 security and bug fix update

An update for the virt:8.2 and virt-devel:8.2 modules is now available for Advanced Virtualization for RHEL 8.2.1. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

8.8CVSS6.8AI score0.0051EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2020/09/01 12:0 a.m.38 views

RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2020:3586)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:3586 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...

8.8CVSS7.2AI score0.0051EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2020/08/19 12:0 a.m.60 views

SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:2269-1)

This update for libvirt fixes the following issues : CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. bsc1161883, bsc1174458 Note that Tenable Network Security has extracted the preceding description block...

8.8CVSS7.7AI score0.00416EPSS
Exploits0References5
OSV
OSV
added 2020/08/18 1:53 p.m.9 views

SUSE-SU-2020:2269-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. bsc1161883, bsc1174458...

8.8CVSS8.5AI score0.00416EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/08/18 12:0 a.m.35 views

SUSE SLED15 / SLES15 Security Update : libvirt (SUSE-SU-2020:2237-1)

This update for libvirt fixes the following issues : CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. - bsc1161883, bsc1174458 qemu: Setup emulator thread and cpuset.mems before exec - bsc1171946 libxl:...

8.8CVSS7.7AI score0.00416EPSS
Exploits0References8
OSV
OSV
added 2020/08/14 7:46 a.m.9 views

SUSE-SU-2020:2237-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2020-14339: Don't leak /dev/mapper/control into QEMU. Use ioctl's to obtain the dependency tree of disks and drop use of libdevmapper. - bsc1161883, bsc1174458 - qemu: Setup emulator thread and cpuset.mems before exec - bsc1171946 - libxl:...

8.8CVSS8.5AI score0.00416EPSS
Exploits0References7
Rows per page
Query Builder