3825 matches found
[SECURITY] Fedora 18 Update: libvirt-0.10.2.5-1.fc18
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...
CVE-2013-1962
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service file descriptor consumption via a large number of requests "to list all volumes for the particular pool."...
CVE-2013-1962
CVE-2013-1962 affects libvirt’s storage pool handling: the remoteDispatchStoragePoolListAllVolumes function in libvirt 1.0.5 may be exploited to exhaust file descriptors by sending a high volume of requests to list all volumes for a pool, causing a denial of service. Multiple advisories note fixe...
Fedora 18 : libvirt-0.10.2.5-1.fc18 (2013-8681)
Rebased to version 0.10.2.5 - Fix creating snapshot on lvm pool bz 955371 - Properly escape audit paths bz 922186 - Follow updated packaging guidelines for user alloc bz 924501 - CVE-2013-1962 Open files DoS bz 963789, bz 953107 Note that Tenable Network Security has extracted the preceding...
CVE-2013-1962
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service file descriptor consumption via a large number of requests "to list all volumes for the particular pool."...
[SECURITY] Fedora 19 Update: libvirt-1.0.5.1-1.fc19
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support...
CVE-2013-1962
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service file descriptor consumption via a large number of requests "to list all volumes for the particular pool."...
Fedora 19 : libvirt-1.0.5.1-1.fc19 (2013-8635)
Rebased to version 1.0.5.1 - Follow updated packaging guidelines for user alloc bz 924501 - CVE-2013-1962 Open files DoS bz 963789, bz 953107 - Fix stream operations like screenshot bz 960879 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...
RHEL 6 : libvirt (RHSA-2013:0831)
Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 6 : libvirt (CESA-2013:0831)
Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS Update for libvirt CESA-2013:0831 centos6
Check for the Version of libvirt OpenVAS Vulnerability Test CentOS Update for libvirt CESA-2013:0831 centos6 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
RedHat Update for libvirt RHSA-2013:0831-01
Check for the Version of libvirt OpenVAS Vulnerability Test RedHat Update for libvirt RHSA-2013:0831-01 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
Scientific Linux Security Update : libvirt on SL6.x i386/x86_64 (20130516)
It was found that libvirtd leaked file descriptors when listing all volumes for a particular pool. A remote attacker able to establish a read- only connection to libvirtd could use this flaw to cause libvirtd to consume all available file descriptors, preventing other users from using libvirtd...
CentOS Update for libvirt CESA-2013:0831 centos6
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scripttagname:"affected",...
RedHat Update for libvirt RHSA-2013:0831-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Moderate: Red Hat Security Advisory: libvirt security and bug fix update
Updated libvirt packages that fix one security issue and two bugs are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
libvirt: DoS (max count of open files exhaustion) due sockets leak in the storage pool
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service file descriptor consumption via a large number of requests "to list all volumes for the particular pool."...
libvirt security and bug fix update
0.10.2-18.0.1.el64.5 - Replace docs/et.png in tarball with blank image 0.10.2-18.el64.5 - daemon: Fix leak after listing volumes CVE-2013-1962 - Don't try to add non-existant devices to ACL rhbz958837 - Avoid spamming logs with cgroups warnings rhbz958837 - audit: Properly encode device path in...
Important: Red Hat Security Advisory: rhev-hypervisor6 security and bug fix update
An updated rhev-hypervisor6 package that fixes several security issues and various bugs is now available. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...
Code injection
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors...