rpm package
suse/virt-manager&distro=SUSE Linux Enterprise Desktop 12 SP3
pkg:rpm/suse/virt-manager&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP3
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1064 | — | < 1.4.1-5.8.1 | 1.4.1-5.8.1 | Mar 28, 2018 | libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. | ||
| CVE-2018-6764 | — | < 1.4.1-5.8.1 | 1.4.1-5.8.1 | Feb 23, 2018 | util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. | ||
| CVE-2017-5715 | — | < 1.4.1-5.8.1 | 1.4.1-5.8.1 | Jan 4, 2018 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. |
- CVE-2018-1064Mar 28, 2018affected < 1.4.1-5.8.1fixed 1.4.1-5.8.1
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.
- CVE-2018-6764Feb 23, 2018affected < 1.4.1-5.8.1fixed 1.4.1-5.8.1
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.
- CVE-2017-5715Jan 4, 2018affected < 1.4.1-5.8.1fixed 1.4.1-5.8.1
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.