19 matches found
MiracleLinux 9 : libvirt-9.5.0-7.el9.ML.1 (AXSA:2023-7009:11)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-7009:11 advisory. libvirt: improper locking in virStoragePoolObjListSearch may lead to denial of service CVE-2023-3750 Tenable has extracted the preceding description block...
TencentOS Server 4: libvirt (TSSA-2024:0363)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0363 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...
GLSA-202412-16 : libvirt: Multiple Vulnerabilities
The remote host is affected by the vulnerability described in GLSA-202412-16 libvirt: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...
Oracle Linux 9 : libvirt (ELSA-2024-9128)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9128 advisory. - udevListInterfaces: Honour array length for zero-length NULL arrays CVE-2024-8235 CVE-2024-8235, RHEL-55373 - Fix off-by-one error in udevListInterfacesByStat...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12792)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-12792 advisory. - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves:...
virt:kvm_utils3 security update
hivex libguestfs 1.44.0-9.0.2 - libguestfs.spec: Add btrfs-progs RPM to appliance Orabug: 35634755 libguestfs-winsupport libiscsi libnbd 1.6.0-6.el8 - Fix CVE-2024-7383 NBD server improper certificate validation resolves: RHEL-52728 1.6.0-5.el8 - Fix CVE-2022-0485: Fail nbdcopy if NBD read or wri...
Oracle Linux 8 : virt:kvm_utils3 (ELSA-2024-12604)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-12604 advisory. - Fix CVE-2022-0485: Fail nbdcopy if NBD read or write fails resolves: rhbz2045718 - Contains fix for NBD Protocol Downgrade Attack CVE-2019-14842. -...
openSUSE: Security Advisory for libvirt (SUSE-SU-2023:3043-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 9 : libvirt-9.5.0-5.el9
The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the libvirt-9.5.0-5.el9 build changelog. - A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and...
Fedora 38 : libvirt (2024-2d35e47af3)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-2d35e47af3 advisory. Fix CVE-2023-3750 and CVE-2023-2700 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Ness...
Moderate: Red Hat Security Advisory: libvirt security, bug fix, and enhancement update
An update for libvirt is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
ALSA-2023:6409 Moderate: libvirt security, bug fix, and enhancement update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version:...
Moderate: libvirt security, bug fix, and enhancement update
The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following packages have been upgraded to a later upstream version:...
Oracle Linux 8 : kvm_utils3 (ELSA-2023-12855)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-12855 advisory. - storage: Fix returning of locked objects from 'virStoragePoolObjListSearch' Peter Krempa Orabug: 35644221 CVE-2023-3750 - virpci: Resolve leak in...
Ubuntu 23.04 : libvirt vulnerability (USN-6253-1)
The remote Ubuntu 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6253-1 advisory. It wad discovered that libvirt incorrectly handled locking when processing certain requests. A local attacker could possibly use this issue to cause libvirt to stop...
CVE-2023-3750 Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to...
CVE-2023-3750
CVE-2023-3750 affects libvirt due to an issue in libvirt’s virStoragePoolObjListSearch that can fail to return a locked pool, causing a race condition and potential denial of service by crashing the libvirt daemon when a lock is attempted from another thread. Public reports in connected advisorie...
CVE-2023-3750 Libvirt: improper locking in virstoragepoolobjlistsearch may lead to denial of service
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to...
CVE-2023-3750
A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to...