36 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-3631
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled...
Oracle Linux 8 : virt:kvm_utils1 (ELSA-2024-12791)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12791 advisory. - Bounds check for block exceeding page length CVE-2021-3504 resolves: rhbz1950501 - Fix for CVE-2019-9755 heap-based buffer overflow leads to local root...
[SECURITY] [DLA 3778-1] libvirt security update
Debian LTS Advisory DLA-3778-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin April 01, 2024 https://wiki.debian.org/LTS Package : libvirt Version : 5.0.0-4+deb10u2 CVE ID : CVE-2020-10703 CVE-2020-12430 CVE-2020-25637 CVE-2021-3631 CVE-2021-3667 CVE-2021-3975...
Oracle Linux 8 : virt:kvm_utils (ELSA-2023-12108)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12108 advisory. - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 - hw/display/ati2d: Fix buffer overflow in ati2dblt...
virt:kvm_utils security update
libvirt 5.7.0-38.el8 - qemu: Don't report spurious errors from vCPU tid validation on hotunplug timeout Shaleen Bathla Orabug: 34826758 - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 - qemu: Set default qdisc before setting bandwidth Michal...
Oracle Linux 7 : libvirt (ELSA-2022-10062)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-10062 advisory. - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 Tenable has extracted the preceding description block directly...
EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2022-2515)
According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploite...
EulerOS Virtualization 2.10.0 : libvirt (EulerOS-SA-2022-2045)
According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited...
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2045)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2073)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-3631 affecting package libvirt 6.1.0-6
CVE-2021-3631 affecting package libvirt 6.1.0-6. A patched version of the package is available...
CVE-2021-3631
CVE-2021-3631 affects libvirt: flaw in SELinux MCS category pair generation for VM dynamic labels allows a guest to access files labeled for another guest, breaking sVirt confinement and impacting confidentiality/integrity. Connected advisories confirm libvirt remediation via package upgrades (no...
CLSA-2022-1646071990 Fix of CVE: CVE-2021-3667, CVE-2021-3631
CVE-2021-3631: security: fix SELinux label generation logic - CVE-2021-3667: storagedriver: Unlock object on ACL fail in storagePoolLookupByTargetPath...
Mageia: Security Advisory (MGASA-2021-0399)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
virt:ol and virt-devel:ol security, bug fix, and enhancement update
libguestfs-winsupport 8.2 - Resolves: bz1810193 Upgrade components in virt:rhel module:stream for RHEL-8.3 release libguestfs 1.40.2-28.0.1 - Replace upstream references from description tag - Config supermin to use host yum.conf in ol8 Orabug: 29319324 - Set DISTROORACLELINUX correspeonding to o...
CentOS 8 : virt:rhel and virt-devel:rhel (CESA-2021:4191)
The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2021:4191 advisory. - QEMU: net: e1000e: use-after-free while sending packets CVE-2020-15859 - QEMU: slirp: invalid pointer initialization may lead to information disclosu...
RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2021:4191)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:4191 advisory. Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contai...
Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RLSA-2021:4191 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:Rocky Linux module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting wi...
ALSA-2021:4191 Moderate: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update
Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...