rpm package
suse/libvirt&distro=SUSE Linux Enterprise Module for Server Applications 15 SP1
pkg:rpm/suse/libvirt&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP1
Vulnerabilities (14)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-14339 | — | < 5.1.0-8.19.1 | 5.1.0-8.19.1 | Dec 3, 2020 | A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform ope | ||
| CVE-2020-15708 | — | < 5.1.0-8.24.1 | 5.1.0-8.24.1 | Nov 6, 2020 | Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code. | ||
| CVE-2020-25637 | — | < 5.1.0-8.24.1 | 5.1.0-8.24.1 | Oct 6, 2020 | A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-w | ||
| CVE-2020-10703 | — | < 5.1.0-8.16.1 | 5.1.0-8.16.1 | Jun 2, 2020 | A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as netwo | ||
| CVE-2020-12430 | — | < 5.1.0-8.16.1 | 5.1.0-8.16.1 | Apr 28, 2020 | An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows | ||
| CVE-2019-10168 | — | < 5.1.0-8.6.1 | 5.1.0-8.6.1 | Aug 2, 2019 | The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe th | ||
| CVE-2019-10167 | — | < 5.1.0-8.6.1 | 5.1.0-8.6.1 | Aug 2, 2019 | The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. | ||
| CVE-2019-10166 | — | < 5.1.0-8.6.1 | 5.1.0-8.6.1 | Aug 2, 2019 | It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileg | ||
| CVE-2019-10161 | — | < 5.1.0-8.6.1 | 5.1.0-8.6.1 | Jul 30, 2019 | It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirt | ||
| CVE-2018-12130 | — | < 5.1.0-8.3.1 | 5.1.0-8.3.1 | May 30, 2019 | Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h | ||
| CVE-2018-12127 | — | < 5.1.0-8.3.1 | 5.1.0-8.3.1 | May 30, 2019 | Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: | ||
| CVE-2018-12126 | — | < 5.1.0-8.3.1 | 5.1.0-8.3.1 | May 30, 2019 | Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found | ||
| CVE-2019-11091 | — | < 5.1.0-8.3.1 | 5.1.0-8.3.1 | May 30, 2019 | Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c | ||
| CVE-2019-10132 | — | < 5.1.0-8.3.1 | 5.1.0-8.3.1 | May 22, 2019 | A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative ta |
- CVE-2020-14339Dec 3, 2020affected < 5.1.0-8.19.1fixed 5.1.0-8.19.1
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform ope
- CVE-2020-15708Nov 6, 2020affected < 5.1.0-8.24.1fixed 5.1.0-8.24.1
Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code.
- CVE-2020-25637Oct 6, 2020affected < 5.1.0-8.24.1fixed 5.1.0-8.24.1
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-w
- CVE-2020-10703Jun 2, 2020affected < 5.1.0-8.16.1fixed 5.1.0-8.16.1
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more detail, this flaw affects storage pools created without a target path such as netwo
- CVE-2020-12430Apr 28, 2020affected < 5.1.0-8.16.1fixed 5.1.0-8.16.1
An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is responsible for retrieving domain statistics when managing QEMU guests. This flaw allows
- CVE-2019-10168Aug 2, 2019affected < 5.1.0-8.6.1fixed 5.1.0-8.6.1
The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept an "emulator" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe th
- CVE-2019-10167Aug 2, 2019affected < 5.1.0-8.6.1fixed 5.1.0-8.6.1
The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities.
- CVE-2019-10166Aug 2, 2019affected < 5.1.0-8.6.1fixed 5.1.0-8.6.1
It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the virDomainManagedSaveDefineXML() API, which would permit them to modify managed save state files. If a managed save had already been created by a privileg
- CVE-2019-10161Jul 30, 2019affected < 5.1.0-8.6.1fixed 5.1.0-8.6.1
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process. An attacker with access to the libvirt
- CVE-2018-12130May 30, 2019affected < 5.1.0-8.3.1fixed 5.1.0-8.3.1
Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found h
- CVE-2018-12127May 30, 2019affected < 5.1.0-8.3.1fixed 5.1.0-8.3.1
Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here:
- CVE-2018-12126May 30, 2019affected < 5.1.0-8.3.1fixed 5.1.0-8.3.1
Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found
- CVE-2019-11091May 30, 2019affected < 5.1.0-8.3.1fixed 5.1.0-8.3.1
Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products c
- CVE-2019-10132May 22, 2019affected < 5.1.0-8.3.1fixed 5.1.0-8.3.1
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative ta