VYPR

rpm package

opensuse/libvirt&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/libvirt&distro=openSUSE%20Tumbleweed

Vulnerabilities (64)

  • CVE-2011-2511Aug 10, 2011
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.

  • CVE-2011-1146Mar 15, 2011
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3)

  • CVE-2010-2242Aug 19, 2010
    affected < 2.5.0-1.1fixed 2.5.0-1.1

    Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS directo

  • CVE-2008-5086Dec 19, 2008
    affected < 7.7.0-2.1fixed 7.7.0-2.1

    Multiple methods in libvirt 0.3.2 through 0.5.1 do not check if a connection is read-only, which allows local users to bypass intended access restrictions and perform administrative actions.

Page 4 of 4