cpe:/a:redhat:libvirt:4.1.0 cpe:/o:debian:debian_linux:7.0 cpe:/o:debian:debian_linux:8.0 cpe:/o:debian:debian_linux:9.0 CVE-2018-1064 2018-03-28T14:29:00.207-04:00 2018-06-19T21:29:01.993-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-4137 REDHAT RHSA-2018:1396 REDHAT RHSA-2018:1929 UBUNTU USN-3680-1 MLIST [debian-lts-announce] 20180324 [SECURITY] [DLA 1315-1] libvirt security update CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1550672 CONFIRM https://libvirt.org/git/?p=libvirt.git;a=commit;h=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513 libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.