Total
71 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-1766 | 1 Redhat | 1 Libvirt | 2023-12-10 | 3.6 LOW | N/A |
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors. | |||||
CVE-2013-4401 | 1 Redhat | 1 Libvirt | 2023-12-10 | 8.5 HIGH | N/A |
The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the connect:write permission, which allows attackers to gain domain:write privileges and execute Qemu binaries via crafted XML. NOTE: some of these details are obtained from third party information. | |||||
CVE-2013-2218 | 1 Redhat | 1 Libvirt | 2023-12-10 | 5.0 MEDIUM | N/A |
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command. | |||||
CVE-2013-4154 | 1 Redhat | 1 Libvirt | 2023-12-10 | 4.3 MEDIUM | N/A |
The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command. | |||||
CVE-2013-4311 | 2 Canonical, Redhat | 3 Ubuntu Linux, Enterprise Linux, Libvirt | 2023-12-10 | 4.6 MEDIUM | N/A |
libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition in pkcheck via a (1) setuid process or (2) pkexec process, a related issue to CVE-2013-4288. | |||||
CVE-2013-6436 | 1 Redhat | 1 Libvirt | 2023-12-10 | 2.1 LOW | N/A |
The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests when reading memory tunables, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) via a guest in the shutdown status, as demonstrated by the "virsh memtune" command. | |||||
CVE-2013-4292 | 1 Redhat | 1 Libvirt | 2023-12-10 | 2.1 LOW | N/A |
libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate parameters in certain RPC calls in (1) daemon/remote.c and (2) remote/remote_driver.c. | |||||
CVE-2011-2511 | 1 Redhat | 1 Libvirt | 2023-12-10 | 4.0 MEDIUM | N/A |
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption. | |||||
CVE-2011-1486 | 1 Redhat | 1 Libvirt | 2023-12-10 | 3.3 LOW | N/A |
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time. | |||||
CVE-2011-1146 | 1 Redhat | 1 Libvirt | 2023-12-10 | 6.9 MEDIUM | N/A |
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086. | |||||
CVE-2011-2178 | 1 Redhat | 1 Libvirt | 2023-12-10 | 4.4 MEDIUM | N/A |
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression. |