Lucene search
K

3825 matches found

OpenVAS
OpenVAS
added 2021/10/28 12:0 a.m.24 views

SUSE: Security Advisory (SUSE-SU-2021:3540-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.01366EPSS
Exploits0References9
OSV
OSV
added 2021/10/27 9:14 a.m.5 views

SUSE-SU-2021:3540-1 Security update for libvirt

This update for libvirt fixes the following issues: Security issue fixed: - CVE-2021-3667: Fixed a DoS vulnerability in the libvirt virStoragePoolLookupByTargetPath API. bsc1188843 Non-security issues fixed: - resolved hangs/crashes on libvirtd shutdown bsc1182783 - qemu: Normalize MAC address in...

6.5CVSS6.6AI score0.01366EPSS
Exploits0References8
OSV
OSV
added 2021/10/15 11:3 a.m.4 views

OESA-2021-1385 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: An improper locking issue was found in the virStoragePoolLookupByTargetPath API o...

6.5CVSS6.5AI score0.01366EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2021/10/05 12:0 a.m.42 views

SUSE SLED12: libvirt / libvirt-admin / libvirt-client / libvirt-daemon / etc (SUSE-SU-2021:3277-1)

The remote SUSE Linux SLED12 / SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2021:3277-1 advisory. - CVE-2021-3667: Fixed an improper locking on ACL failure in virStoragePoolLookupByTargetPath API. bsc1188843 Tenable has extracted...

6.5CVSS7AI score0.01366EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2021/10/05 12:0 a.m.25 views

SUSE: Security Advisory (SUSE-SU-2021:3277-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.7AI score0.01366EPSS
Exploits0References7
OSV
OSV
added 2021/10/04 7:14 a.m.7 views

SUSE-SU-2021:3277-1 Security update for libvirt

This update for libvirt fixes the following issues: - CVE-2021-3667: Fixed an improper locking on ACL failure in virStoragePoolLookupByTargetPath API. bsc1188843...

6.5CVSS6.6AI score0.01366EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2021/10/02 12:0 a.m.23 views

Fedora: Security Advisory for libvirt (FEDORA-2021-bce7f9b98c)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

6.5CVSS6.7AI score0.01366EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2021/10/01 12:0 a.m.45 views

RHEL 8 : virt:8.2 and virt-devel:8.2 (RHSA-2021:3704)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3704 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...

8.5CVSS7AI score0.02904EPSS
Exploits1References51
Tenable Nessus
Tenable Nessus
added 2021/10/01 12:0 a.m.56 views

RHEL 8 : virt:av and virt-devel:av (RHSA-2021:3703)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3703 advisory. The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Re...

8.5CVSS6.9AI score0.02904EPSS
Exploits1References54
RedHat Linux
RedHat Linux
added 2021/09/30 7:6 p.m.5 views

libvirt: Insecure sVirt label generation

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.3CVSS6.8AI score0.00493EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/09/30 7:6 p.m.49 views

Moderate: Red Hat Security Advisory: virt:8.2 and virt-devel:8.2 security update

An update for the virt:8.2 and virt-devel:8.2 modules is now available for Red Hat Enterprise Linux Advanced Virtualization 8.2.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.5CVSS6.9AI score0.02904EPSS
Exploits1References25
RedHat Linux
RedHat Linux
added 2021/09/30 7:6 p.m.8 views

libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited...

6.5CVSS6.8AI score0.01366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/09/30 4:59 p.m.5 views

libvirt: Insecure sVirt label generation

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...

6.3CVSS6.8AI score0.00493EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2021/09/30 4:59 p.m.4 views

libvirt: Improper locking on ACL failure in virStoragePoolLookupByTargetPath API

An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath function where a locked virStoragePoolObj object is not properly released on ACL permission failure. Clients connecting to the read-write socket with limited...

6.5CVSS6.8AI score0.01366EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2021/09/30 4:59 p.m.55 views

Moderate: Red Hat Security Advisory: virt:av and virt-devel:av security and bug fix update

An update for the virt:av and virt-devel:av modules is now available for Red Hat Enterprise Linux Advanced Virtualization 8.4. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

8.5CVSS6.9AI score0.02904EPSS
Exploits1References27
Fedora
Fedora
added 2021/09/30 1:14 a.m.43 views

[SECURITY] Fedora 34 Update: libvirt-7.0.0-7.fc34

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...

6.5CVSS3.9AI score0.01366EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.4 views

The vulnerability of the Libvirt virtualization management library, related to authentication errors, allows a perpetrator to trigger a service failure.

The vulnerability of the Libvirt virtualization management library is related to the lack of authentication, allowing connections to only be set for read-only access. This means that libvirt waits for a response from the guest agent for a specified period of time. Exploiting this vulnerability...

6.5CVSS7.1AI score0.00861EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.6 views

The vulnerability of the HTTP cookie files in the Libvirt virtualization management library, related to improper deletion of critical data at the boundary, allows a hacker to access confidential data.

The vulnerability of the HTTP cookie file in the Libvirt virtualization management library is related to the storage of data in the dump XML file of the host domain. Exploiting this vulnerability allows a malicious actor to gain access to confidential data using the dumpxml command...

6.5CVSS7AI score0.01196EPSS
Exploits0References6Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/09/20 12:0 a.m.4 views

The vulnerability of the API virConnectListAllNodeDevices in the Libvirt management library, when using the GRID driver, relates to a failure of the operation beyond the buffer boundaries in memory. This vulnerability allows an attacker to trigger a service failure.

The vulnerability of the API virConnectListAllNodeDevices in the Libvirt control library, when using the GRID driver, is related to the operation exceeding the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to trigger a service failure using the virsh...

6.5CVSS6.8AI score0.01033EPSS
Exploits0References5Affected Software2
RedHat Linux
RedHat Linux
added 2021/09/08 2:9 p.m.73 views

Moderate: Red Hat Security Advisory: Red Hat Virtualization Host security and bug fix update [ovirt-4.4.8]

An update for cockpit-ovirt, ovirt-host, ovirt-hosted-engine-ha, ovirt-hosted-engine-setup, and vdsm is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring...

7.2CVSS6.8AI score0.2241EPSS
Exploits3References7
Rows per page
Query Builder