VYPR

rpm package

suse/libvirt&distro=SUSE Linux Enterprise Micro 5.4

pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Micro%205.4

Vulnerabilities (4)

  • CVE-2025-13193MedNov 17, 2025
    affected < 8.0.0-150400.7.14.1fixed 8.0.0-150400.7.14.1

    A flaw was found in libvirt. External inactive snapshots for shut-down VMs are incorrectly created as world-readable, making it possible for unprivileged users to inspect the guest OS contents. This results in an information disclosure vulnerability.

  • CVE-2025-12748MedNov 11, 2025
    affected < 8.0.0-150400.7.14.1fixed 8.0.0-150400.7.14.1

    A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before the ACL checks. A malicious user with limited permissions could exploit this flaw by submitting a specially crafted XML file, causing libvir

  • CVE-2024-2494MedMar 21, 2024
    affected < 8.0.0-150400.7.11.2fixed 8.0.0-150400.7.11.2

    A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the non-negative length check is performed by the C API entry points. Passing a negative length to the g_new0 function results in a crash due to the negativ

  • CVE-2023-2700May 15, 2023
    affected < 8.0.0-150400.7.6.1fixed 8.0.0-150400.7.6.1

    A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.