VYPR

rpm package

opensuse/libvirt&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/libvirt&distro=openSUSE%20Tumbleweed

Vulnerabilities (64)

  • CVE-2019-10166Aug 2, 2019
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileg

  • CVE-2019-10161Jul 30, 2019
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirt

  • CVE-2018-12127MedMay 30, 2019
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:

  • CVE-2018-12126MedMay 30, 2019
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found

  • CVE-2019-10132May 22, 2019
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative ta

  • CVE-2019-3886Apr 4, 2019
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.

  • CVE-2017-2635HigAug 22, 2018
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.

  • CVE-2018-3639MedMay 22, 2018
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka

  • CVE-2018-1064HigMar 28, 2018
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

  • CVE-2018-5748HigJan 25, 2018
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.

  • CVE-2017-1000256HigOct 31, 2017
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default.

  • CVE-2015-5247MedApr 14, 2016
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a denial of service (libvirtd crash) by triggering a failed unlink after creating a volume on a root_squash NFS pool.

  • CVE-2011-4600MedApr 14, 2016
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP qu

  • CVE-2015-5313LowApr 11, 2016
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when fine-grained Access Control Lists (ACL) are in effect, allows local users with storage_vol:create ACL but not domain:write permission to write t

  • CVE-2015-0236Jan 29, 2015
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.

  • CVE-2014-8131Jan 6, 2015
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a

  • CVE-2013-4399Dec 12, 2014
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler

  • CVE-2014-7823Nov 13, 2014
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

  • CVE-2014-3657Oct 6, 2014
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API c

  • CVE-2014-3633Oct 6, 2014
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, whi