Libvirt Security Vulnerabilities and Issues — Libvirt CVE List

Lucene search

RedhatLibvirt

16 matches found

CVE•added 2013/10/03 9:55 p.m.•79 views

CVE-2013-4311

libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288...

4.6CVSS8.2AI score0.00033EPSS

CVE•added 2013/02/08 8:55 p.m.•77 views

CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by trig...

6.8CVSS7.5AI score0.2022EPSS

CVE•added 2013/09/30 9:55 p.m.•75 views

CVE-2013-4296

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via a crafted RPC ca...

4CVSS7.6AI score0.03294EPSS

CVE•added 2013/05/29 12:55 a.m.•65 views

CVE-2013-1962

The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool."

5CVSS6.2AI score0.03779EPSS

CVE•added 2013/09/30 9:55 p.m.•60 views

CVE-2013-4292

libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c.

2.1CVSS7.7AI score0.00068EPSS

CVE•added 2013/12/09 4:36 p.m.•59 views

CVE-2013-4400

virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via unspecified environment variables or command-line arguments.

7.2CVSS8.3AI score0.00053EPSS

CVE•added 2013/11/02 6:55 p.m.•59 views

CVE-2013-4401

The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from...

8.5CVSS8.6AI score0.01463EPSS

CVE•added 2013/09/30 9:55 p.m.•58 views

CVE-2013-4153

Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to cause a denial of service (daemon crash) via a cpu count request, as demonstrated by the "virsh vcpucount dom --guest" command.

5CVSS6.2AI score0.00642EPSS

CVE•added 2013/03/20 3:55 p.m.•57 views

CVE-2013-1766

libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.

3.6CVSS6.2AI score0.00056EPSS

CVE•added 2013/09/30 9:55 p.m.•56 views

CVE-2013-4297

The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.

4CVSS7.7AI score0.0058EPSS

CVE•added 2013/09/30 9:55 p.m.•56 views

CVE-2013-5651

The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.

5CVSS7.8AI score0.00639EPSS

CVE•added 2013/09/30 9:55 p.m.•54 views

CVE-2013-2230

The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration."

4CVSS5.9AI score0.0058EPSS

CVE•added 2013/09/30 9:55 p.m.•53 views

CVE-2013-4239

The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of service (memory corruption and crash) via vectors involving the virConnectListDefinedDomains API function.

4CVSS7.8AI score0.0058EPSS

CVE•added 2013/09/30 9:55 p.m.•52 views

CVE-2013-4291

The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not properly set group memberships, which allows local users to gain privileges.

6.9CVSS8.1AI score0.00046EPSS

CVE•added 2013/09/30 9:55 p.m.•51 views

CVE-2013-2218

Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --i...

5CVSS6.2AI score0.10811EPSS

CVE•added 2013/09/30 9:55 p.m.•51 views

CVE-2013-4154

The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command.

4.3CVSS6.1AI score0.00731EPSS