SUSE CVE-2019-10168

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's...

Fedora 30 : libvirt (2019-b2dfb13daf)

CVE-2019-10161: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API bz 1722463, bz 1720115 - CVE-2019-10166: virDomainManagedSaveDefineXML API exposed to readonly clients bz 1722462, bz 1720114 - CVE-2019-10167: arbitrary command execution via virConnectGetDomainCapabilities API bz...

Red Hat libvirt Command Execution Vulnerability

Red Hat libvirt is a Linux API for implementing Linux virtualization features from Red Hat, Inc. It supports a variety of Hypervisors, including Xen and KVM, as well as QEMU and a number of virtual products for other operating systems. A security vulnerability exists in Red Hat libvirt. An attack...

RHEL 7 : libvirt (RHSA-2019:1579)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:1579 advisory. The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems...

Scientific Linux Security Update : libvirt on SL7.x x86_64 (20190620)

Security Fixes : - libvirt: arbitrary file read/exec via virDomainSaveImageGetXMLDesc API CVE-2019-10161 - libvirt: virDomainManagedSaveDefineXML API exposed to readonly clients CVE-2019-10166 - libvirt: arbitrary command execution via virConnectGetDomainCapabilities API CVE-2019-10167 - libvirt:...

CVE-2019-10168

The virConnectBaselineHypervisorCPU and virConnectCompareHypervisorCPU libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's...