Oracle Linux 8 : virt:ol / and / virt-devel:rhel (ELSA-2020-4676)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2020-4676 advisory. - libslirp 4.0.0, as used in QEMU 4.1.0, has a use-after-free in ipreass in ipinput.c. CVE-2019-15890 - qemu/qemudriver.c in libvirt before 6.0.0...

Oracle Linux 7 : libvirt (ELSA-2020-5719)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-5719 advisory. 5.7.0-15.el7 - qemu: Escape the qemu driver systemd DOT hoax Wim ten Have Orabug: 31380815 5.7.0-14.el7 - vmx: make 'fileName' optional for CD-ROMs Pino Toscano...

libvirt security update

An update is available for libvirt. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The libvirt library contains a C API for managing and interacting with the...

RLSA-2023:3715 Moderate: libvirt security update

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: Memory leak in virPCIVirtualFunctionList cleanup...

virt:rhel and virt-devel:rhel security and bug fix update

An update is available for module.swtpm, module.libtpms, module.libnbd, netcf, module.nbdkit, hivex, libiscsi, libtpms, module.sgabios, libguestfs-winsupport, virt-v2v, module.supermin, module.virt-v2v, module.libvirt-dbus, module.qemu-kvm, supermin, swtpm, libvirt-dbus, sgabios, qemu-kvm,...

RLSA-2023:3822 Moderate: virt:rhel and virt-devel:rhel security and bug fix update

Kernel-based Virtual Machine KVM offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the...

Rocky Linux 9 : libvirt (RLSA-2023:3715)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:3715 advisory. - A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caus...

libvirt: Memory leak in virPCIVirtualFunctionList cleanup

A vulnerability was found in libvirt. This security flaw occurs due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's gautoptr cleanup...

Moderate: Red Hat Security Advisory: virt:rhel and virt-devel:rhel security and bug fix update

An update for the virt:rhel and virt-devel:rhel modules is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

RHEL 8 : virt:rhel and virt-devel:rhel (RHSA-2023:4799)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:4799 advisory. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. Security Fixes: libvirt: Memory...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libvirt (SUSE-SU-2023:3043-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3043-1 advisory. - A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as...

SUSE-SU-2023:3043-1 Security update for libvirt

This update for libvirt fixes the following issues: Security fixes: - CVE-2023-3750: Fixed mproper locking in virStoragePoolObjListSearch that may lead to denial of service bsc1213447. Other fixes: - build library with support for modular daemons bsc1213352...

Ubuntu: Security Advisory (USN-6253-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-6253-1: libvirt vulnerability

It wad discovered that libvirt incorrectly handled locking when processing certain requests. A local attacker could possibly use this issue to cause libvirt to stop responding or crash, resulting in a denial of service...

Denial Of Service (DoS)

libvirt.so is vulnerable to Denial of Service. The vulnerability exists in virStoragePoolObjListSearch of virstorageobj.c because it tries to lock the same item from another thread, which causes an application crash...

Critical Photon OS Security Update - PHSA-2023-5.0-0057

Updates of 'openssh', 'openssl', 'unzip', 'libvirt' packages of Photon OS have been released...

EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2023-2445)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using...

Ubuntu 23.04 : libvirt vulnerability (USN-6253-1)

The remote Ubuntu 23.04 host has packages installed that are affected by a vulnerability as referenced in the USN-6253-1 advisory. It wad discovered that libvirt incorrectly handled locking when processing certain requests. A local attacker could possibly use this issue to cause libvirt to stop...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2023-2445)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-3750

A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race condition and denial of service when attempting to lock the same object from another thread. This issue could allow clients connecting to the read-only socket to...