SUSE CVE-2011-2511

Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service libvirtd crash and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption...

SUSE CVE-2012-3445

The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain API calls with typed parameters, which might allow remote authenticated users to cause a denial of service libvirtd crash via an RPC command with nparams set to zero, which triggers an out-of-bounds read...

SUSE CVE-2015-5247

The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service libvirtd crash by triggering a failed unlink after creating a volume on a rootsquash NFS pool...

SUSE CVE-2017-2635

A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service...

SUSE CVE-2019-3840

A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service...

SUSE CVE-2019-10166

It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML API, which would permit them to modify managed save state files. If a managed save had already been created by a privileged user, a local...

SUSE CVE-2022-0897

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver-nwfilters object. This fl...

AlmaLinux 9 : libvirt (ALSA-2022:8003)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2022:8003 advisory. - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over...

EulerOS Virtualization 3.0.6.6 : libvirt (EulerOS-SA-2022-2515)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploite...

EulerOS Virtualization 2.9.1 : libvirt (EulerOS-SA-2022-2373)

According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilte...

CVE-2022-0897

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver-nwfilters object. This fl...

DEBIAN-CVE-2022-0897

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver-nwfilters object. This fl...

CVE-2021-4147

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition...

CVE-2022-0897

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver-nwfilters object. This fl...

UBUNTU-CVE-2022-0897

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver-nwfilters object. This fl...

CVE-2021-4147

A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock or crash, resulting in a denial of service condition...

Design/Logic Flaw

A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver-nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver-nwfilters object. This fl...

Red Hat libvirt 安全漏洞

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. It supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security vulnerability exists in the libvirt nwfilter drive...

Virtuozzo Hybrid Server 7.5 Update 2 Hotfix 2 (7.5.2-464)

The Hotfix 2 for Virtuozzo Hybrid Server 7.5 Update 2 provides stability and usability bug fixes. Vulnerability id: PSBM-136189 QEMU could mark a VM QCOW2 image as corrupt. Vulnerability id: PSBM-136198 QEMU could not be updated. Vulnerability id: PSBM-136407 VCMMD needed to be properly notified ...

Virtuozzo Hybrid Server 7.5 Update 2 Hotfix 1 (7.5.2-444)

The Hotfix 1 for Virtuozzo Hybrid Server 7.5 Update 2 provides new features as well as stability and usability bug fixes. Vulnerability id: PSBM-134035 libvirtd could stop responding during VM autostart after node reboot. Vulnerability id: PSBM-134221 virtio-scsi could abort inside a guest during...