Linux Distros Unpatched Vulnerability : CVE-2014-0028

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:searchdomains restrictions in ACLs and obtain sensitive...

Linux Distros Unpatched Vulnerability : CVE-2011-2178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The virSecurityManagerGetPrivateData function in security/securitymanager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which caus...

MGASA-2024-0047 Updated xen, qemu and libvirt packages fix security vulnerabilities

This update fixes several security issues and also improves stability...

MGASA-2021-0547 Updated libvirt packages fix security vulnerability

Fix deadlock on virStoragePoolLookupByTargetPath failure bz 1986113 CVE-2021-3667 More CAPSETPCAP warning fixes bz 1924218 Handle unknown firmware.json errors...

MGASA-2021-0399 Updated libvirt packages fix security vulnerability

Updated libvirt packages fix security vulnerability: insecure sVirt label generation CVE-2021-3631...

MGASA-2020-0283 Updated libvirt packages fix security vulnerability

Updated libvirt packages fix security vulnerability: A flaw was found in the way the libvirtd daemon issued the 'suspend' command to a QEMU guest-agent running inside a guest, where it holds a monitor job while issuing the 'suspend' command to a guest-agent. A malicious guest-agent may use this...

Updated libvirt packages fix security vulnerability

NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function. CVE-2019-3840...

MGASA-2019-0138 Updated libvirt packages fix security vulnerability

NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function. CVE-2019-3840...

MGASA-2018-0262 Updated libvirt packages fix security vulnerability

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Stor...

Updated libvirt packages fix security vulnerability

In virsh, the hostname could crafted maliciously with ssh arguments, which would be passed to ssh bsc1053600...

MGASA-2015-0046 Updated libvirt packages fix CVE-2015-0236

Updated libvirt packages fix security vulnerability: The XML getters for save images and snapshots objects don't check ACLs for the VIRDOMAINXMLSECURE flag and might possibly dump security sensitive information. A remote attacker able to establish a connection to libvirtd could use this flaw to...

Updated libvirt packages fix CVE-2014-8136

Updated libvirt packages fix security vulnerability: The qemuDomainMigratePerform and qemuDomainMigrateFinish2 functions in qemu/qemudriver.c in libvirt do not unlock the domain when an ACL check fails, which allow local users to cause a denial of service via unspecified vectors CVE-2014-8136...

MGASA-2014-0470 Updated libvirt packages fix security vulnerability

Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could possibly use this to gain access to certain information from the domain xml file CVE-2014-7823...

Updated libvirt packages fix security vulnerbilities

Updated libvirt packages fix security vulnerabilities: An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune function looked up the disk index in a non-persistent live disk configuration while a persistent disk configuration was being indexed. A remote attacker able t...

openSUSE Security Update : libvirt (openSUSE-SU-2014:0593-1)

libvirt was updated to fix various bugs and security issues : CVE-2013-7336: libvirt: unprivileged user can crash libvirtd during spice migration CVE-2013-6456: unsafe usage of paths under /proc/$PID/root Bugfixes for libvirt client killed on reboot shutdown. bnc852005 Also notify systemd when we...

MGASA-2014-0051 Updated libvirt packages fix two vulnerabilties

Updated libvirt packages fix security vulnerabilities: It was discovered that insecure job usage could lead to denial of service against libvirtd CVE-2013-6458. It was discovered that a race condition in keepalive handling could lead to denial of service against libvirtd CVE-2014-1447...

Debian Security Advisory DSA 2846-1 (libvirt - several vulnerabilities)

Multiple security issues have been found in Libvirt, a virtualisation abstraction library: CVE-2013-6458 It was discovered that insecure job usage could lead to denial of service against libvirtd. CVE-2014-1447 It was discovered that a race condition in keepalive handling could lead to denial of...

Oracle Linux 6 : libvirt (ELSA-2011-1197)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2011-1197 advisory. 0.8.7-18.0.1.el61.1 - Replace docs/et.png in tarball with blank image libvirt-0.8.7-18.el61.1 - debug: Avoid null dereference on uuid lookup api rhbz728546 - Fi...

Oracle Linux 6 : libvirt (ELSA-2012-0748)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2012-0748 advisory. libvirt-0.9.10-21.0.1.el6 - Replace docs/et.png in tarball with blank image libvirt-0.9.10-21.el6 - qemu: Rollback on used USB devices rhbz743671 - qemu: Dont...

SuSE Update for update openSUSE-SU-2013:0275-1 (update)

Check for the Version of update OpenVAS Vulnerability Test $Id: gbsuse201302751.nasl 8650 2018-02-03 12:16:59Z teissa $ SuSE Update for update openSUSE-SU-2013:0275-1 update Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program ...