VYPR

Libvirt

by Red Hat

Source repositories

CVEs (68)

  • CVE-2012-2693Jun 17, 2012
    risk 0.00cvss epss 0.00

    libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices.

  • CVE-2011-2511Aug 10, 2011
    risk 0.00cvss epss 0.04

    Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.

  • CVE-2011-2178Aug 10, 2011
    risk 0.00cvss epss 0.00

    The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users…

  • CVE-2011-1486May 31, 2011
    risk 0.00cvss epss 0.01

    libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time.

  • CVE-2011-1146Mar 15, 2011
    risk 0.00cvss epss 0.02

    libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset,…

  • CVE-2010-2242Aug 19, 2010
    risk 0.00cvss epss 0.00

    Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged source ports, which allows guest OS users to bypass intended access restrictions by leveraging IP address and source-port values, as demonstrated by copying and deleting an NFS…

  • CVE-2010-2239Aug 19, 2010
    risk 0.00cvss epss 0.00

    Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined backing-store format, which allows guest OS users to read arbitrary files on the host OS via unspecified vectors.

  • CVE-2010-2238Aug 19, 2010
    risk 0.00cvss epss 0.00

    Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extracting the defined disk backing-store format, which might allow guest OS users to read arbitrary files on the host OS, and possibly have unspecified other impact, via unknown…

Page 4 of 4