Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntuUbuntuUSN-1954-1
HistorySep 18, 2013 - 12:00 a.m.

libvirt vulnerabilities

2013-09-1800:00:00
ubuntu.com
28

9.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.4%

JSON

Releases

  • Ubuntu 13.04
  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • libvirt - Libvirt virtualization toolkit

Details

It was discovered that libvirt used the pkcheck tool in an unsafe manner. A
local attacker could possibly use this flaw to bypass polkit
authentication. In Ubuntu, libvirt polkit authentication is not enabled by
default. (CVE-2013-4311)

It was discovered that libvirt incorrectly handled certain memory stats
requests. A remote attacker could use this issue to cause libvirt to
crash, resulting in a denial of service. This issue only affected Ubuntu
12.04 LTS, Ubuntu 12.10, and Ubuntu 13.04. (CVE-2013-4296)

It was discovered that libvirt incorrectly handled certain bitmap
operations. A remote attacker could use this issue to cause libvirt to
crash, resulting in a denial of service. This issue only affected Ubuntu
13.04. (CVE-2013-5651)

OSVersionArchitecturePackageVersionFilename
Ubuntu13.04noarchlibvirt0< 1.0.2-0ubuntu11.13.04.4UNKNOWN
Ubuntu13.04noarchlibvirt-bin< 1.0.2-0ubuntu11.13.04.4UNKNOWN
Ubuntu13.04noarchlibvirt-dev< 1.0.2-0ubuntu11.13.04.4UNKNOWN
Ubuntu13.04noarchlibvirt0-dbg< 1.0.2-0ubuntu11.13.04.4UNKNOWN
Ubuntu13.04noarchpython-libvirt< 1.0.2-0ubuntu11.13.04.4UNKNOWN
Ubuntu12.10noarchlibvirt0< 0.9.13-0ubuntu12.5UNKNOWN
Ubuntu12.10noarchlibvirt-bin< 0.9.13-0ubuntu12.5UNKNOWN
Ubuntu12.10noarchlibvirt-dev< 0.9.13-0ubuntu12.5UNKNOWN
Ubuntu12.10noarchlibvirt0-dbg< 0.9.13-0ubuntu12.5UNKNOWN
Ubuntu12.10noarchpython-libvirt< 0.9.13-0ubuntu12.5UNKNOWN
Rows per page:
1-10 of 201

Related

openvas 20
nessus 16
mageia 1
fedora 4
redhat 2
veracode 3
securityvulns 2
centos 1
oraclelinux 1
altlinux 2
debiancve 3
prion 3
cve 3
ubuntucve 3
debian 1
osv 16
gentoo 2
openvas
openvas
Ubuntu Update for libvirt USN-1954-1
2013-09-24 00:00:00
Ubuntu: Security Advisory (USN-1954-1)
2013-09-24 00:00:00
Mageia: Security Advisory (MGASA-2013-0294)
2022-01-28 00:00:00
nessus
nessus
Ubuntu 10.04 LTS / 12.04 LTS / 12.10 / 13.04 : libvirt vulnerabilities (USN-1954-1)
2013-09-19 00:00:00
openSUSE Security Update : libvirt (openSUSE-SU-2013:1550-1)
2014-06-13 00:00:00
SuSE 11.3 Security Update : libvirt (SAT Patch Number 8421)
2013-11-09 00:00:00
mageia
mageia
Updated libvirt package fixes security vulnerabilities
2013-10-05 21:55:44
fedora
fedora
[SECURITY] Fedora 19 Update: libvirt-1.0.5.6-2.fc19
2013-10-02 06:41:24
[SECURITY] Fedora 20 Update: libvirt-1.1.3-2.fc20
2013-10-12 04:34:13
[SECURITY] Fedora 19 Update: libvirt-1.0.5.9-1.fc19
2014-01-26 11:54:32
redhat
redhat
(RHSA-2013:1272) Important: libvirt security and bug fix update
2013-09-19 00:00:00
(RHSA-2013:1460) Important: rhev-hypervisor6 security and bug fix update
2013-10-29 00:00:00
veracode
veracode
Privilege Escalation
2019-05-02 04:52:27
Denial Of Service (DoS)
2019-01-15 08:59:33
Denial Of Service (DoS)
2018-08-15 07:28:45
securityvulns
securityvulns
libvirt memory corruption
2013-10-02 00:00:00
[SECURITY] [DSA 2764-1] libvirt security update
2013-10-02 00:00:00
centos
centos
libvirt security update
2013-09-20 02:24:43
oraclelinux
oraclelinux
libvirt security and bug fix update
2013-09-19 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 1.1.3-alt1
2013-10-01 00:00:00
Security fix for the ALT Linux 8 package libvirt version 1.1.2-alt1
2013-09-03 00:00:00
debiancve
debiancve
CVE-2013-5651
2013-09-30 21:55:00
CVE-2013-4296
2013-09-30 21:55:00
CVE-2013-4311
2013-10-03 21:55:00
prion
prion
Out-of-bounds
2013-09-30 21:55:00
Null pointer dereference
2013-09-30 21:55:00
Race condition
2013-10-03 21:55:00
cve
cve
CVE-2013-5651
2013-09-30 21:55:00
CVE-2013-4296
2013-09-30 21:55:00
CVE-2013-4311
2013-10-03 21:55:00
ubuntucve
ubuntucve
CVE-2013-5651
2013-08-30 00:00:00
CVE-2013-4296
2013-09-17 00:00:00
CVE-2013-4311
2013-09-18 00:00:00
debian
debian
[SECURITY] [DSA 2764-1] libvirt security update
2013-09-25 19:07:58
osv
osv
libvirt - programming error
2013-09-25 00:00:00
CVE-2020-25637
2020-10-06 14:15:12
CVE-2019-3840
2019-03-27 13:29:01
gentoo
gentoo
polkit, Spice-Gtk, systemd, HPLIP, libvirt: Privilege escalation
2014-06-26 00:00:00
libvirt: Multiple vulnerabilities
2014-12-08 00:00:00

9.1 High

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.011 Low

EPSS

Percentile

84.4%

JSON
Related for USN-1954-1
openvas20nessus16mageia1fedora4redhat2veracode3securityvulns2centos1oraclelinux1altlinux2debiancve3prion3cve3ubuntucve3debian1osv16gentoo2