30 matches found
TencentOS Server 4: libvirt (TSSA-2024:0961)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2024:0961 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
EUVD-2024-44042
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2024-4418
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to...
Huawei EulerOS: Security Advisory for libvirt (EulerOS-SA-2024-2615)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.10.0 : libvirt (EulerOS-SA-2024-2133)
According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoo...
EulerOS Virtualization 2.10.1 : libvirt (EulerOS-SA-2024-2153)
According to the versions of the libvirt package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoo...
libvirt: stack use-after-free in virNetClientIOEventLoop()
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
libvirt: stack use-after-free in virNetClientIOEventLoop()
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
libvirt: stack use-after-free in virNetClientIOEventLoop()
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
CBL Mariner 2.0 Security Update: libvirt (CVE-2024-4418)
The version of libvirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-4418 advisory. - A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the...
OESA-2024-1743 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A race condition leading to a stack use-after-free flaw was found in libvirt. Due...
ROS-20240607-04
Vulnerability of the virNetClientIOEventLoop method of the Libvirt virtualization management library is related to incorrect execution of the data pointer to the structure virNetClientIOEventLoop in the virNetClientIOEventLoop method virNetClientIOIOEventData. Exploitation of the vulnerability...
OESA-2024-1683 libvirt security update
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux and other OSes. The main package includes the libvirtd server exporting the virtualization support. Security Fixes: A race condition leading to a stack use-after-free flaw was found in libvirt. Due...
Use After Free
libvirt is vulnerable to Use After Free. The vulnerability is due to a race condition in the virNetClientIOEventLoop method, where the data pointer to a stack-allocated structure is used after the stack frame is freed. If libvirt is configured with fine-grained access control, an attacker could...
CVE-2024-4418
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
AZL-40396 CVE-2024-4418 affecting package libvirt for versions less than 10.0.0-5
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
CVE-2024-4418
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
DEBIAN-CVE-2024-4418
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
AZL-40447 CVE-2024-4418 affecting package libvirt for versions less than 7.10.0-10
A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop method, the data pointer to a stack-allocated virNetClientIOEventData structure ended up being used in the virNetClientIOEventFD callback while the data pointer's...
CVE-2024-4418
CVE-2024-4418 is a vulnerability in libvirt causing a race condition that leads to a stack use-after-free in virNetClientIOEventLoop(), where a pointer to a stack-allocated virNetClientIOEventData can be used in virNetClientIOEventFD while its stack frame is freed. The issue can let a local attac...