rpm package
suse/libvirt&distro=SUSE Linux Enterprise Micro 5.2
pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.2
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-13193 | Med | 5.5 | < 7.1.0-150300.6.44.1 | 7.1.0-150300.6.44.1 | Nov 17, 2025 | A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability. | |
| CVE-2025-12748 | Med | 5.5 | < 7.1.0-150300.6.44.1 | 7.1.0-150300.6.44.1 | Nov 11, 2025 | A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvir | |
| CVE-2024-2494 | Med | 6.2 | < 7.1.0-150300.6.41.1 | 7.1.0-150300.6.41.1 | Mar 21, 2024 | A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ | |
| CVE-2022-0897 | — | < 7.1.0-150300.6.29.1 | 7.1.0-150300.6.29.1 | Mar 25, 2022 | A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilt |
- affected < 7.1.0-150300.6.44.1fixed 7.1.0-150300.6.44.1
A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability.
- affected < 7.1.0-150300.6.44.1fixed 7.1.0-150300.6.44.1
A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvir
- affected < 7.1.0-150300.6.41.1fixed 7.1.0-150300.6.41.1
A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ
- CVE-2022-0897Mar 25, 2022affected < 7.1.0-150300.6.29.1fixed 7.1.0-150300.6.29.1
A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the driver->nwfilt