Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
ubuntucveUbuntu.comUB:CVE-2011-1146
HistoryMar 15, 2011 - 12:00 a.m.

CVE-2011-1146

2011-03-1500:00:00
ubuntu.com
ubuntu.com
12

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.075 Low

EPSS

Percentile

94.1%

JSON

libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict
operations in a read-only connection, which allows remote attackers to
cause a denial of service (host OS crash) or possibly execute arbitrary
code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3)
virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5)
virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different
vulnerability than CVE-2008-5086.

Bugs

Notes

Author Note
jdstrand code not present in 8.04 LTS
OSVersionArchitecturePackageVersionFilename
ubuntu9.10noarchlibvirt< 0.7.0-1ubuntu13.3UNKNOWN
ubuntu10.04noarchlibvirt< 0.7.5-5ubuntu27.9UNKNOWN
ubuntu10.10noarchlibvirt< 0.8.3-1ubuntu14.1UNKNOWN

Related

debiancve 2
prion 2
cve 2
nessus 29
openvas 33
veracode 2
ubuntucve 1
securityvulns 4
fedora 6
ubuntu 2
oraclelinux 3
debian 1
redhat 3
altlinux 1
centos 1
gentoo 1
osv 16
debiancve
debiancve
CVE-2011-1146
2011-03-15 17:55:00
CVE-2008-5086
2008-12-19 17:30:00
prion
prion
Code injection
2011-03-15 17:55:00
Code injection
2008-12-19 17:30:00
cve
cve
CVE-2011-1146
2011-03-15 17:55:00
CVE-2008-5086
2008-12-19 17:30:00
nessus
nessus
openSUSE Security Update : libvirt (libvirt-373)
2009-07-21 00:00:00
Fedora 10 : libvirt-0.5.1-2.fc10 (2008-11443)
2009-04-23 00:00:00
openSUSE Security Update : libvirt (libvirt-373)
2009-07-21 00:00:00
openvas
openvas
SLES10: Security update for libvirt
2009-10-13 00:00:00
Fedora Update for libvirt FEDORA-2008-11443
2009-02-13 00:00:00
Ubuntu Update for libvirt vulnerability USN-694-1
2009-03-23 00:00:00
veracode
veracode
Privilege Escalation
2020-04-10 00:30:41
Privilege Escalation
2020-04-10 00:56:05
ubuntucve
ubuntucve
CVE-2008-5086
2008-12-19 00:00:00
securityvulns
securityvulns
[USN-694-1] libvirt vulnerability
2008-12-21 00:00:00
libvirt privilege escalation
2008-12-21 00:00:00
libvirt protection bypass
2011-03-23 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: libvirt-0.5.1-2.fc9
2008-12-21 08:18:01
[SECURITY] Fedora 10 Update: libvirt-0.5.1-2.fc10
2008-12-21 08:30:41
[SECURITY] Fedora 15 Update: libvirt-0.8.8-3.fc15
2011-03-19 05:50:43
ubuntu
ubuntu
libvirt vulnerability
2008-12-18 00:00:00
Libvirt vulnerability
2011-03-29 00:00:00
oraclelinux
oraclelinux
libvirt security update
2011-03-28 00:00:00
libvirt security update
2009-03-19 00:00:00
libvirt security, bug fix, and enhancement update
2011-07-31 00:00:00
debian
debian
[SECURITY] [DSA 2194-1] libvirt security update
2011-03-18 07:48:13
redhat
redhat
(RHSA-2011:0391) Important: libvirt security update
2011-03-28 00:00:00
(RHSA-2009:0382) Moderate: libvirt security update
2009-03-19 00:00:00
(RHSA-2011:0439) Moderate: rhev-hypervisor security and bug fix update
2011-04-13 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package libvirt version 0.9.0-alt1
2011-04-06 00:00:00
centos
centos
libvirt security update
2011-04-28 14:15:01
gentoo
gentoo
libvirt: Multiple vulnerabilities
2012-02-27 00:00:00
osv
osv
CVE-2022-0897
2022-03-25 19:15:10
CVE-2021-3667
2022-03-02 23:15:08
CVE-2021-3559
2021-05-24 12:15:07

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.075 Low

EPSS

Percentile

94.1%

JSON
Related for UB:CVE-2011-1146
debiancve2prion2cve2nessus29openvas33veracode2ubuntucve1securityvulns4fedora6ubuntu2oraclelinux3debian1redhat3altlinux1centos1gentoo1osv16