SUSE CVE-2013-4239

The xenDaemonListDefinedDomains function in xen/xendinternal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service memory corruption and crash via vectors involving the virConnectListDefinedDomains API function...

CVE-2014-0028

libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:searchdomains restrictions in ACLs and obtain sensitive domain object information via a request to the 1 virConnectDomainEventRegister and 2 virConnectDomainEventRegisterAny functions in the...

Memory corruption

The xenDaemonListDefinedDomains function in xen/xendinternal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service memory corruption and crash via vectors involving the virConnectListDefinedDomains API function...

Design/Logic Flaw

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges...

CVE-2013-4239

The xenDaemonListDefinedDomains function in xen/xendinternal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service memory corruption and crash via vectors involving the virConnectListDefinedDomains API function...