rpm package
opensuse/libvirt&distro=openSUSE Leap Micro 5.3
pkg:rpm/opensuse/libvirt&distro=openSUSE%20Leap%20Micro%205.3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-2494 | Med | 6.2 | < 8.0.0-150400.7.11.2 | 8.0.0-150400.7.11.2 | Mar 21, 2024 | A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ | |
| CVE-2023-2700 | — | < 8.0.0-150400.7.6.1 | 8.0.0-150400.7.6.1 | May 15, 2023 | A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup. |
- affected < 8.0.0-150400.7.11.2fixed 8.0.0-150400.7.11.2
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ
- CVE-2023-2700May 15, 2023affected < 8.0.0-150400.7.6.1fixed 8.0.0-150400.7.6.1
A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.