73 matches found
CVE-2012-2693
CVE-2012-2693 affects libvirt (likely before 0.9.12): multiple USB devices with identical vendor/product IDs may be misassigned to a guest, enabling local access to unintended USB devices. The linked advisories indicate fixes in official releases (e.g., MiracleLinux/Oracle Linux advisories refere...
CVE-2021-3559
CVE-2021-3559 : A flaw in libvirt’s virConnectListAllNodeDevices API affects hosts with PCI devices using mediated devices (e.g., GRID driver) and libvirt versions before 7.0.0. An unprivileged client with a read-only connection can crash the libvirt daemon by executing the nodedev-list command, ...
CVE-2013-6457
CVE-2013-6457 concerns the libxlDomainGetNumaParameters function in the libxl driver of libvirt before 1.2.1, which fails to initialize the nodemap. This can enable local users to cause a denial of service (invalid free/crash) and may allow arbitrary code execution via an inactive domain when usi...
CVE-2012-3445
The CVE-2012-3445 issue affects libvirt 0.9.13 through the virTypedParameterArrayClear function. The vulnerability arises when handling virDomain* API calls with typed parameters, enabling remote authenticated users to trigger a denial of service (libvirtd crash) by sending an RPC command with np...
CVE-2013-6436
CVE-2013-6436 affects the libvirt lxc driver. The vulnerability is in lxcDomainGetMemoryParameters in libvirt before the patch/cleanup, where memory tunables are read without properly checking the LXC guest status. A local user can trigger a denial of service (NULL pointer dereference, libvirtd c...
CVE-2014-0028
CVE-2014-0028 affects libvirt 1.1.1 through 1.2.0. The issue enables context-dependent attackers to bypass domain:getattr and connect:search_domains restrictions in ACLs and retrieve sensitive domain object information via the event registration API calls virConnectDomainEventRegister and virConn...
CVE-2017-2635
CVE-2017-2635 describes a NULL pointer dereference in libvirt when handling empty drives, affecting libvirt versions 2.5.0 to 3.0.0. The flaw can be triggered remotely by an authenticated user, crashing the libvirtd daemon and causing denial of service. Connected documents corroborate the same is...
CVE-2013-1766
CVE-2013-1766 affects libvirt (libvirtd) prior to version in Debian squeeze; the daemon would change ownership of device files to the kvm group, enabling local users to write to those devices via unspecified vectors. Impact described as local access to files/devices with potential for partial int...
CVE-2013-4401
CVE-2013-4401 affects libvirt 1.1.0–1.1.3, where virConnectDomainXMLToNative incorrectly checks connect:read instead of connect:write. This mispermission enables a remote attacker to obtain domain:write privileges and may allow execution of Qemu binaries via crafted XML. Public disclosures in var...
CVE-2013-4400
CVE-2013-4400 affects libvirt up to 1.1.3 (1.1.2–1.1.3). Local users can overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments in virt-login-shell. Public references in multiple advisories confirm affected versions and a need to upg...
CVE-2013-7336
CVE-2013-7336 affects libvirt in qemu migration flow. The qemuMigrationWaitForSpice function in qemu/qemu_migration.c fails to properly enter a monitor during seamless SPICE migration, enabling a local user to trigger a NULL pointer dereference and libvirtd crash by racing with qemuMonitorGetSpic...
CVE-2015-5247
The CVE-2015-5247 issue affects libvirt’s virStorageVolCreateXML API in libvirt 1.2.14–1.2.19, where remote authenticated users with a read-write connection can cause a libvirtd crash (denial of service) by triggering a failed unlink after creating a volume on a root_squash NFS pool. This is docu...
CVE-2013-4292
CVE-2013-4292 affects libvirt 1.1.0 and 1.1.1. Local users can cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c. Exploitation details are not provided in the sources; the NVD e...
CVE-2013-4153
CVE-2013-4153 : A double free in qemuAgentGetVCPUs in libvirt (libvirt 1.0.6–1.1.0) can be exploited remotely to crash the daemon via a cpu count request (e.g., virsh vcpucount dom --guest). Connected docs confirm the affected component and vulnerability pattern; remediation is available in newer...
CVE-2014-8131
CVE-2014-8131 affects the qemu implementation of virConnectGetAllDomainStats in libvirt up to version 1.2.10. When a domain is skipped due to ACL restrictions, locks are not handled properly, enabling a remote authenticated user to trigger a denial of service (deadlock or segmentation fault) by r...
CVE-2014-8135
The CVE-2014-8135 issue affects libvirt up to version 1.2.11, where storageVolUpload in storage/storage_driver.c fails to check a return value. This allows local attackers to trigger a NULL pointer dereference and daemon crash via a crafted offset in the virsh vol-upload command, causing a local ...
CVE-2013-4291
Libvirt CVE-2013-4291 affects virSecurityManagerSetProcessLabel in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1. When a domain has read an uid:gid label, it fails to correctly set group memberships, enabling local users to gain privileges. The description indicates a local privilege escalation path, but ...
CVE-2013-4297
The CVE-2013-4297 issue affects libvirt up to version 1.1.2, where the virFileNBDDeviceAssociate function in util/virfile.c can trigger a denial of service via an uninitialized pointer dereference when accessed by remote, authenticated users. The vectors are unspecified in the provided documents....
CVE-2013-4399
The CVE-2013-4399 issue affects libvirt up to version 1.1.3, where remoteClientFreeFunc in daemon/remote.c fails to set an identity when ACLs are used. This can allow an attacker to deny service by registering an event handler and then closing the connection, due to a use-after-free that can cras...
CVE-2013-4239
CVE-2013-4239 affects libvirt 1.1.1 via the xenDaemonListDefinedDomains path (xen/xend_internal.c). The vulnerability allows remote authenticated users to trigger memory corruption and a denial of service crash by calling virConnectListDefinedDomains. This is caused in the Xen integration within ...
CVE-2013-2218
CVE-2013-2218 describes a double-free vulnerability in libvirt 1.0.6, specifically in virConnectListAllInterfaces() within interface/interface_backend_netcf.c. The underlying issue can allow a remote attacker to crash libvirtd (Denial of Service) by using a filtering flag that causes an interface...
CVE-2013-2230
The provided data confirms CVE-2013-2230 affects the libvirt qemu driver (qemu/qemu_driver.c) in libvirt versions prior to 1.1.1. It enables remote authenticated users to trigger a denial of service (daemon crash) via unspecified vectors tied to multiple events registration. The available details...
CVE-2013-4154
The CVE-2013-4154 entry concerns libvirt’s qemuAgentCommand path. Affected component: libvirt prior to 1.1.1. When a guest agent is not configured, remote attackers can trigger a NULL pointer dereference via agent based CPU (un)plug vectors (as demonstrated by virsh vcpucount foobar --guest), cau...