Red Hat Security Advisory 2018-3113-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a code injection vulnerability.
cbe6a31ece3c0b11795802e815af1e5c9d758cb697b8f1f1a7dcc38fe59ed8beGentoo Linux Security Advisory 201804-7 - Multiple vulnerabilities have been discovered in libvirt, the worst of which may result in the execution of arbitrary commands. Versions less than 4.1.0 are affected.
cb3f93c9b3e0a479b010f996073edf699e0fa20b3ce9bb33683651094342f1ffDebian Linux Security Advisory 4137-1 - Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library.
2e28cb54079712a1c15c0369a23af4ed15a476264ecf631fe44b7482bc005d57Ubuntu Security Notice 3576-1 - Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Daniel P. Berrange discovered that libvirt incorrectly handled validating SSL/TLS certificates. A remote attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 17.10. Various other issues were also addressed.
90c6d4cdd362e55904c6d76f4118ef039e8e85b0aab04a6669ee178da97eb658
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed