Mandriva Linux Security Advisory 2015-115 - The LXC driver in libvirt 1.0.1 through 1.2.1 allows local users to delete arbitrary host devices via the virDomainDeviceDettach API and a symlink attack on /dev in the container; via the virDomainDeviceAttach API and a symlink attack on /dev in the container; and cause a denial of service (shutdown or reboot host OS) via the virDomainReboot API and a symlink attack on /dev/initctl in the container, related to paths under /proc//root and the virInitctlSetRunLevel function. Various other issues have also been addressed.
6ae8444cee405a1fa17b4071c1f7b85b191e5b4db7e6d53ab6a0a1a1d4adf05dGentoo Linux Security Advisory 201412-4 - Multiple vulnerabilities have been found in libvirt, worst of which allows context-dependent attackers to escalate privileges. Versions less than 1.2.9-r2 are affected.
04c111d3cb8f6077f1f1c216f9e56106ab6e31444d537f25d03e8ab04ca85eb1Red Hat Security Advisory 2014-1873-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process.
926fc0cc610c6630f02ce4257be003e8e729f64fc84448045e963d1964416a7aMandriva Linux Security Advisory 2014-195 - An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process. A denial of service flaw was found in the way libvirt's virConnectListAllDomains() function computed the number of used domains. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to make any domain operations within libvirt unresponsive. The updated libvirt packages have been upgraded to the 1.1.3.6 version and patched to resolve these security flaws.
77134b00ae1715b1f20378bd5a8597ad5e3fcf9f81118afb707b3e8ef299981aRed Hat Security Advisory 2014-1352-01 - The libvirt library is a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. An out-of-bounds read flaw was found in the way libvirt's qemuDomainGetBlockIoTune() function looked up the disk index in a non-persistent disk configuration while a persistent disk configuration was being indexed. A remote attacker able to establish a read-only connection to libvirtd could use this flaw to crash libvirtd or, potentially, leak memory from the libvirtd process.
3227a2789c9b0ba77b00e40c13fdd0d7741d09b78e22e4b49b90b0b7944aaf8aUbuntu Security Notice 2366-1 - Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if fine grained access control was enabled on Ubuntu 14.04 LTS. Luyao Huang discovered that libvirt incorrectly handled certain blkiotune queries. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Various other issues were also addressed.
02dbf1264d90f9aa14f459ed2d1774ac83a6b77b75e361cb24f526417195c704Debian Linux Security Advisory 3038-1 - Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library.
1a4a88bcc37a4dfcaefe8151a6a76a58d64abfb087ff4bbc6d0d4dbe95432653
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed