OPENSUSE-SU-2024:11500-1 virt-install-3.2.0-10.1 on GA media

These are all security issues fixed in the virt-install-3.2.0-10.1 package on the GA media of openSUSE Tumbleweed...

Oracle Linux 8 : virt-manager (ELSA-2019-3464)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-3464 advisory. 2.2.1-2.0.1 - Add OL release support to virt-install for OL KVM guest creation Orabug: 26135782 2.2.1-2 - man: virt-install: Fix a couple of launchSecurity...

SUSE CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CentOS 8 : virt-manager (CESA-2019:3464)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2019:3464 advisory. - virt-install: unattended option leaks password via command line argument CVE-2019-10183 Note that Nessus has not tested for this issue but has instead relied...

Information Disclosure

virt-install is vulnerable to information disclosure. The --unattended option causes plaintext passwords to be leaked through the command line argument...

virt-install: unattended option leaks password via command line argument

The virt-install utility used to provision new virtual machines, in virt-manager v2.2.0, has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments. An attacker could obtain these passwords though process listing...

CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

UBUNTU-CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

Design/Logic Flaw

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CVE-2019-10183

The CVE-2019-10183 issue concerns virt-manager/virt-install where the --unattended option accepts the guest VM password on the command line, enabling leakage via process listings on the local host. Affected component: virt-install/virt-manager (2.2.0 introduced the option). Reported impact is lea...

CVE-2019-10183

Virt-install1 utility used to provision new virtual machines has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments, thus leaking them to others users on the system via process listing. It was introduced...

CVE-2019-10183

The virt-install utility used to provision new virtual machines, in virt-manager v2.2.0, has introduced an option '--unattended' to create VMs without user interaction. This option accepts guest VM password as command line arguments. An attacker could obtain these passwords though process listing...

SUSE-SU-2017:3115-1 Security update for xen

This update for xen to version 4.9.1 bsc1027519 fixes several issues. This new feature was added: - Support migration of HVM domains larger than 1 TB These security issues were fixed: - bsc1068187: Failure to recognize errors in the Populate on Demand PoD code allowed for DoS XSA-246 - bsc1068191...