rhel and virt-devel:rhel bug fix update

An update is available for libguestfs, libnbd, libtpms, libguestfs-winsupport, nbdkit, supermin, libiscsi, hivex, libvirt, netcf, perl-Sys-Virt, seabios, qemu-kvm, swtpm, virt-v2v, sgabios, libvirt-dbus, libvirt-python. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS...

libvirt: Multiple Vulnerabilities

Background libvirt is a C toolkit for manipulating virtual machines. Description Multiple vulnerabilities have been discovered in libvirt. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There is no known...

GLSA-202210-06 : libvirt: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202210-06 libvirt: Multiple Vulnerabilities - A flaw was found in libvirt, where it leaked a file descriptor for /dev/mapper/control into the QEMU process. This file descriptor allows for privileged operations to happen against th...

CVE-2021-3975 affecting package libvirt 6.1.0-5

CVE-2021-3975 affecting package libvirt 6.1.0-5. A patched version of the package is available...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2515)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2022-2515)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploite...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2409)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2022-2373)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2022-2373)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilte...

EulerOS Virtualization 2.9.0 : libvirt (EulerOS-SA-2022-2409)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilte...

The vulnerability of the qemuDomainGetStatsIOThread function in the qemu_driver.c component of the Libvirt virtualization management library allows a attacker to cause a service failure.

The vulnerability of the qemuDomainGetStatsIOThread function in the qemudriver.c component of the Libvirt control library is related to improper memory release before deleting the last references. Exploiting this vulnerability allows an attacker to trigger a service failure remotely...

The vulnerability of the API virStoragePoolLookupByTargetPath in the virtualization management library Libvirt allows a attacker to cause a service failure.

The vulnerability of the API virStoragePoolLookupByTargetPath in the virtualization management library Libvirt is related to insufficient blocking mechanisms. Exploiting this vulnerability allows an attacker who operates remotely to cause service interruptions...

The vulnerability of the virNWFilterObjListNumOfNWFilters method in the virtualization management library Libvirt allows a attacker to trigger a service failure.

The vulnerability of the virNWFilterObjListNumOfNWFilters method in the Libvirt virtualization management library is related to insufficient blocking mechanisms. Exploiting this vulnerability allows a remote attacker to cause service failures...

The vulnerability of the Libvirt virtualization management library, related to insufficient blocking, allows a attacker to trigger a service failure.

The vulnerability of the Libvirt virtualization management library is related to insufficient blocking mechanisms. Exploiting this vulnerability could allow an attacker to cause a service failure...

Moderate Photon OS Security Update - PHSA-2022-3.0-0450

Updates of 'libvirt' packages of Photon OS have been released...

OESA-2022-1891 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in...

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.

...

Ubuntu: Security Advisory (USN-3985-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu: Security Advisory (USN-4047-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-3975

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down...