SUSE CVE-2013-4296

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a crafted RPC ca...

Virtuozzo Automator 7.0 Update 2 Hotfix 12 (VA MN: 7.0.2-670, VA Agent: 7.0.2-398)

Hotfix 12 for Virtuozzo Automator 7.0.2 provides a new feature as well as stability and usability fixes. Vulnerability id: PVA-37513 Changing VM's OS distribution via API calls could reset the 'cpulimit' and 'iolimit' values. Vulnerability id: PVA-37526 Backup configuration was not respected by...

MGASA-2013-0294 Updated libvirt package fixes security vulnerabilities

It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service CVE-2013-4296. It was discovered that libvirt incorrectly handled certain bitmap operations. A remote attacker could...

Updated libvirt package fixes security vulnerabilities

It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service CVE-2013-4296. It was discovered that libvirt incorrectly handled certain bitmap operations. A remote attacker could...

Fedora 19 : libvirt-1.0.5.6-2.fc19 (2013-17618)

Fix snapshot restore when VM has disabled usb support bz 1011520 - Rebased to version 1.0.5.6 - Fix blockjobinfo python API bz 999077 - CVE-2013-4311: Insecure polkit usage bz 1009539, bz 1005332 - CVE-2013-4296: Invalid free memory stats bz 1006173, bz 1009667 - CVE-2013-4291: Supplementary...

Ubuntu: Security Advisory (USN-1954-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

libvirt: invalid free in remoteDispatchDomainMemoryStats

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a crafted RPC ca...

Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : libvirt vulnerabilities (USN-1954-1)

It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. CVE-2013-4311 It was discovered that libvirt incorrectly handled certain...

USN-1954-1: libvirt vulnerabilities

It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. CVE-2013-4311 It was discovered that libvirt incorrectly handled certain...