MiracleLinux 7 : libvirt-3.9.0-14.el7.4 (AXSA:2018-3092:06)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-3092:06 advisory. libvirt: Resource exhaustion via qemuMonitorIORead method CVE-2018-5748 libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent...

EUVD-2012-4348

Malware in sbrugna...

EUVD-2018-17517

Malware in sbrugna...

EUVD-2018-11717

Malware in sbrugna...

qemu-kvm: 'qemu-img info' leads to host file read/write

A flaw was found in the QEMU disk image utility qemu-img 'info' command. A specially crafted image file containing a json: value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write ...

SUSE CVE-2012-4411

The graphical console in Xen 4.0, 4.1 and 4.2 allows local OS guest administrators to obtain sensitive host resource information via the qemu monitor. NOTE: this might be a duplicate of CVE-2007-0998...

SUSE CVE-2018-1064

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent...

OESA-2022-1891 libvirt security update

Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in...

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.

...

DEBIAN-CVE-2021-3975

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down...

libvirt: segmentation fault during VM shutdown can lead to vdsm hang

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down...

Metasploit Wrap-Up

Welcome, Little Hippo: PetitPotam Our very own @zeroSteiner ported the PetitPotam exploit to Metasploit this week. This module leverages CVE-2021-36942, a vulnerability in the Windows Encrypting File System EFS API, to capture machine NTLM hashes. This uses the EfsRpcOpenFileRaw function of the...

CVE-2019-12928

creationtimestamp| type| source ---|---|--- 2022-02-07 22:01:55+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/misc/qemumonitorhmpmigratecmdexec.rb 2025-10-23 21:12:58+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

CVE-2018-1064

An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent...

DEBIAN-CVE-2019-12928

The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a...

EulerOS Virtualization for ARM 64 3.0.1.0 : libvirt (EulerOS-SA-2019-1394)

According to the versions of the libvirt packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest ...

SUSE-SU-2018:1699-2 Security update for xen

This update for xen fixes several issues. This feature was added: - Added support for qemu monitor command These security issues were fixed: - CVE-2018-3639: Prevent attackers with local user access from extracting information via a side-channel analysis, aka Speculative Store Bypass SSB, Variant...

EulerOS Virtualization 2.5.1 : libvirt (EulerOS-SA-2018-1253)

According to the versions of the libvirt packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU...

Amazon Linux 2 : libvirt (ALAS-2018-1049) (Spectre)

An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent.CVE-2018-1064 qemu/qemumonitor.c in libvirt allows attackers to cause a denial of service memory consumption via a large QEMU reply.CVE-2018-5748 An...

libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent

An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent...