Oracle Linux 7 : libvirt (ELSA-2022-10062)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2022-10062 advisory. - security: fix SELinux label generation logic Daniel P. Berrange Orabug: 34773029 CVE-2021-3631 Tenable has extracted the preceding description block directly...

Ubuntu 18.04 LTS / 20.04 LTS : libvirt vulnerabilities (USN-5399-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5399-1 advisory. It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvir...

Information Disclosure

libvirt is vulnerable to information disclosure. An attacker is able to access files of other users when the system generates SELiinux MCS category pairs for VMs' dynamic labels...

CVE-2021-3631

A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to access files labeled for another guest, resulting in the breaking out of sVirt confinement. The highest threat from this vulnerability is to confidentiality a...