Red Hat Security Advisory 2018-1929-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a resource exhaustion vulnerability.
a22fcf91b1a25f0218b6cf05d957422e71b31f08cce0e0c611b3582aa4c39494
Ubuntu Security Notice 3680-1 - Ken Johnson and Jann Horn independently discovered that microprocessors utilizing speculative execution of a memory read may allow unauthorized memory reads via sidechannel attacks. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows libvirt to expose new CPU features added by microcode updates to guests. Daniel P. Berrange discovered that libvirt incorrectly handled the QEMU guest agent. An attacker could possibly use this issue to consume resources, leading to a denial of service. Various other issues were also addressed.
ff3fc4ce5b6f9d5fcf68d46f3c6240af4b1a6586e72085633f33674eab6a36bb
Red Hat Security Advisory 2018-1396-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a resource exhaustion vulnerability.
1a37de7638de63ae4974186c8864d405fa655d2fb9b209f0f39bffdb250557aa
D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.
c2f677dc653a79692726bbccff8050f283ad34e84c33c202f140624c41984b88
Debian Linux Security Advisory 4137-1 - Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library.
2e28cb54079712a1c15c0369a23af4ed15a476264ecf631fe44b7482bc005d57