what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 4 of 4 RSS Feed

CVE-2020-14339

Status Candidate

Overview

A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Related Files

Gentoo Linux Security Advisory 202210-06
Posted Oct 17, 2022
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202210-6 - Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service. Versions less than 8.2.0 are affected.

tags | advisory, denial of service, vulnerability
systems | linux, gentoo
advisories | CVE-2020-14339, CVE-2020-25637, CVE-2021-3631, CVE-2021-3667, CVE-2022-0897
SHA-256 | efaa17b0f41687b0bceb00f211741b1f061350c0afeaa73b3795aab7e864c8ca
Gentoo Linux Security Advisory 202101-22
Posted Jan 26, 2021
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 202101-22 - A vulnerability in libvirt may allow root privilege escalation. Versions less than 6.7.0 are affected.

tags | advisory, root
systems | linux, gentoo
advisories | CVE-2020-14339
SHA-256 | 07a0e0d8e3b04000da6daae8f1328d72c27c52508652639c0ba8e0db2e529d9a
Red Hat Security Advisory 2020-4676-01
Posted Nov 4, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4676-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include denial of service and use-after-free vulnerabilities.

tags | advisory, denial of service, kernel, vulnerability
systems | linux, redhat
advisories | CVE-2019-15890, CVE-2019-20485, CVE-2020-10703, CVE-2020-14301, CVE-2020-14339, CVE-2020-1983
SHA-256 | 93e8b9c4d4f4570afe83e1f43d1e9e259507e1b4cf78ec970d599aef7c373a59
Red Hat Security Advisory 2020-3586-01
Posted Sep 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3586-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include information leakage and out of bounds read vulnerabilities.

tags | advisory, vulnerability
systems | linux, redhat
advisories | CVE-2020-10756, CVE-2020-14339
SHA-256 | ad8866f7fc0a2a7af79d106635c88771d2aeef777e5d61c1ab39bbbb10d358eb
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close