ROS-20240423-02

Vulnerability of gnew0 function of Libvirt virtualization management library is related to incorrect checking of negative array length before memory allocation. checking for negative array length before allocating memory. Exploitation of the vulnerability could allow an attacker to cause a denial...

OESA-2024-1391 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: An off-by-one error flaw was found in the udevListInterfacesByStatus function in...

SUSE CVE-2024-2496

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of...

SUSE CVE-2013-7336

The qemuMigrationWaitForSpice function in qemu/qemumigration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service NULL pointer dereference and libvirtd crash by causing domblkstat to be called a...

Red Hat libvirt Denial of Service Vulnerability (CNVD-2021-46874)

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. It supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A denial of service vulnerability exists in the...

DEBIAN-CVE-2013-7336

The qemuMigrationWaitForSpice function in qemu/qemumigration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service NULL pointer dereference and libvirtd crash by causing domblkstat to be called a...