Linux Distros Unpatched Vulnerability : CVE-2013-6456

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The LXC driver lxc/lxcdriver.c in libvirt 1.0.1 through 1.2.1 allows local users to 1 delete arbitrary host devices via the virDomainDeviceDettach API and a...

Linux Distros Unpatched Vulnerability : CVE-2014-5177

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a crafted XML document...

CLSA-2025-1741033614 libvirt: Fix of CVE-2024-2494

CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...

CLSA-2025-1741032827 libvirt: Fix of CVE-2024-2494

CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...

Linux Distros Unpatched Vulnerability : CVE-2011-2511

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service libvirtd crash and possibly execute arbitrary code via a...

Linux Distros Unpatched Vulnerability : CVE-2010-2242

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended...

Linux Distros Unpatched Vulnerability : CVE-2011-2178

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The virSecurityManagerGetPrivateData function in security/securitymanager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which caus...

Linux Distros Unpatched Vulnerability : CVE-2010-2239

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read...

CLSA-2025-1740230407 libvirt: Fix of 2 CVEs

CVE-2024-1441: fix off-by-one error in udevListInterfacesByStatus - CVE-2024-2494: check for negative array lengths before allocation in remotedaemondispatch...

CLSA-2025-1739822055 libvirt: Fix of CVE-2023-3750

CVE-2023-3750: fix race condition in virStoragePoolObjListSearch function to prevent denial of service...

CLSA-2025-1739386692 libvirt: Fix of 2 CVEs

CVE-2024-2496: fix memory corruption listing interfaces - CVE-2024-4418: fix stack use-after-free in event loop...

Security update for kubevirt

This update for kubevirt fixes the following issues: Update to version 1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.0 Fix DV error report via VM printable status Fix permission error in storage...

SUSE-SU-2025:20054-1 Security update for kubevirt

This update for kubevirt fixes the following issues: - Update to version 1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.1 Release notes https://github.com/kubevirt/kubevirt/releases/tag/v1.3.0 - Fix DV error report via VM printable status - Fix permission error in...

Security update for libvirt

This update for libvirt fixes the following issues: Security issue fixed: CVE-2024-4418: rpc: ensure temporary GSource is removed from client event loop bsc1223849 Non-security issue fixed: libxl: Fix domxml-to-native conversion bsc1222584 qemu: Fix migration with custom XML bsc1226492 Patch...

SUSE-SU-2025:20012-1 Security update for libvirt

This update for libvirt fixes the following issues: Security issue fixed: - CVE-2024-4418: rpc: ensure temporary GSource is removed from client event loop bsc1223849 Non-security issue fixed: - libxl: Fix domxml-to-native conversion bsc1222584 - qemu: Fix migration with custom XML bsc1226492...

libvirt: Multiple Vulnerabilities

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

GLSA-202412-16 : libvirt: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202412-16 libvirt: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block directly...

Astra Linux – Vulnerability in libvirt

A flaw was discovered in libvirt. A refactoring of the code that retrieves the list of interfaces for multiple APIs introduced a corner case on platforms where allocating 0 bytes of memory results in a NULL pointer. This corner case could lead to a NULL pointer being dereferenced, causing the...

Oracle Linux 9 : libvirt (ELSA-2024-9128)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2024-9128 advisory. - udevListInterfaces: Honour array length for zero-length NULL arrays CVE-2024-8235 CVE-2024-8235, RHEL-55373 - Fix off-by-one error in udevListInterfacesByStat...

RHSA-2024:9128 Red Hat Security Advisory: libvirt security update

Bulletin has no description...