Download
| Alert*
oval:org.secpod.oval:def:89003186
This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent . Other issues fixed: - libxl: save current memo ... oval:org.secpod.oval:def:89003154 This update for libvirt fixes the following issues: Security issues fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent . - CVE-2019-3886: Fixed an information leak whi ... oval:org.secpod.oval:def:89003050 This update for libvirt fixes the following issues: Security issue fixed: - CVE-2019-3840: Fixed a null pointer dereference vulnerability in virJSONValueObjectHasKey function which could have resulted in a remote denial of service via the guest agent . - CVE-2019-3886: Fixed an information leak whic ... oval:org.secpod.oval:def:116553 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:1801461 A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. oval:org.secpod.oval:def:503294 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * libvirt: NULL pointer dereference after running qemuAgentComm ... oval:org.secpod.oval:def:53017 libvirt: Libvirt virtualization toolkit libvirt could be made to crash under certain conditions. oval:org.secpod.oval:def:205345 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * libvirt: NULL pointer dereference after running qemuAgentComm ... oval:org.secpod.oval:def:704824 libvirt: Libvirt virtualization toolkit libvirt could be made to crash under certain conditions. oval:org.secpod.oval:def:1700272 A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service oval:org.secpod.oval:def:1504049 [4.5.0-23] - api: disallow virDomainSaveImageGetXMLDesc on read-only connections - api: disallow virDomainManagedSaveDefineXML on read-only connections - api: disallow virConnectGetDomainCapabilities on read-only connections - api: disallow virConnect*HypervisorCPU on read-only connections [4.5. ... |