Gentoo Linux Security Advisory 201412-4 - Multiple vulnerabilities have been found in libvirt, worst of which allows context-dependent attackers to escalate privileges. Versions less than 1.2.9-r2 are affected.
04c111d3cb8f6077f1f1c216f9e56106ab6e31444d537f25d03e8ab04ca85eb1Ubuntu Security Notice 2093-1 - Martin Kletzander discovered that libvirt incorrectly handled reading memory tunables from LXC guests. A local user could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service. This issue only affected Ubuntu 13.10. Dario Faggioli discovered that libvirt incorrectly handled the libxl driver. A local user could possibly use this flaw to cause libvirtd to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 13.10. Various other issues were also addressed.
032ca50e203209008802c8c3ca9a824cd426e58b63c9f66f362b20a90858c799Red Hat Security Advisory 2014-0103-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. A use-after-free flaw was found in the way several libvirt block APIs handled domain jobs. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, execute arbitrary code with the privileges of the libvirtd process.
7b1d521f318669771a8ca7881bbfac85e4135dc68581fe3f44db9e5bd6c4a001Debian Linux Security Advisory 2846-1 - Multiple security issues have been found in Libvirt, a virtualisation abstraction library.
0ddde79a2602627d9c15a988b3565cbf0c6bd7e43a46674de20629e6a8688b35
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed