SUSE-SU-2026:0068-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2025-13193: Fixed umask for 'qemu-img' when creating external inactive snapshots bsc1253703 - CVE-2025-12748: Fixed Check ACLs before parsing the whole domain XML bsc1253278...

Medium: libvirt

Issue Overview: A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvirt...

Amazon Linux 2 : libvirt, --advisory ALAS2-2025-3115 (ALAS-2025-3115)

The version of libvirt installed on the remote host is prior to 4.5.0-36. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-3115 advisory. A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was perform...

Unity Linux 20.1070e Security Update: libvirt (UTSA-2025-993323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993323 advisory. A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicio...

Unity Linux 20.1070e Security Update: libvirt (UTSA-2025-993329)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993329 advisory. A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to...

OESA-2025-2896 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was discovered in libvirt in the XML file processing. More specifically, t...

OESA-2025-2895 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...

OESA-2025-2894 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...

OESA-2025-2893 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...

OESA-2025-2892 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...

OESA-2025-2891 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was found in libvirt. External inactive snapshots for shut-down VMs are...

CVE-2025-13193 affecting package libvirt for versions less than 10.0.0-6

CVE-2025-13193 affecting package libvirt for versions less than 10.0.0-6. A patched version of the package is available...

OESA-2025-2814 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was discovered in libvirt in the XML file processing. More specifically, t...

OESA-2025-2813 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was discovered in libvirt in the XML file processing. More specifically, t...

OESA-2025-2812 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was discovered in libvirt in the XML file processing. More specifically, t...

OESA-2025-2810 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A flaw was discovered in libvirt in the XML file processing. More specifically, t...

SUSE: Security Advisory (SUSE-SU-2025:21150-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD : libvirt -- Multiple vulnerabilities (be3167b5-d140-11f0-ad27-c01803b56cc4)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the be3167b5-d140-11f0-ad27-c01803b56cc4 advisory. The libvirt project reports: See changelog for details. Tenable has extracted the preceding...

openSUSE 16 Security Update : libvirt (openSUSE-SU-2025-20100-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20100-1 advisory. - CVE-2025-13193: Fixed Information disclosure via world-readable VM snapshots bsc1253703 - CVE-2025-12748: Fixed Denial of service in XML parsi...

SUSE-SU-2025:21082-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2025-13193: Fixed Information disclosure via world-readable VM snapshots bsc1253703 - CVE-2025-12748: Fixed Denial of service in XML parsing bsc1253278 Other fixes: - spec: Adjust dbus dependency bsc1253642 - qemu: Add support for Intel TD...