Total
69 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-6457 | 1 Redhat | 1 Libvirt | 2015-01-02 | 5.2 MEDIUM | N/A |
The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command. | |||||
CVE-2013-6458 | 1 Redhat | 1 Libvirt | 2015-01-02 | 6.8 MEDIUM | N/A |
Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command. | |||||
CVE-2014-0028 | 1 Redhat | 1 Libvirt | 2015-01-02 | 4.3 MEDIUM | N/A |
libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API. | |||||
CVE-2014-1447 | 1 Redhat | 1 Libvirt | 2015-01-02 | 3.3 LOW | N/A |
Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent. | |||||
CVE-2013-5651 | 1 Redhat | 1 Libvirt | 2015-01-02 | 5.0 MEDIUM | N/A |
The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune. | |||||
CVE-2013-4399 | 1 Redhat | 1 Libvirt | 2014-12-15 | 4.3 MEDIUM | N/A |
The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection. | |||||
CVE-2012-3445 | 1 Redhat | 1 Libvirt | 2013-03-21 | 3.5 LOW | N/A |
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer. | |||||
CVE-2013-1766 | 1 Redhat | 1 Libvirt | 2013-03-21 | 3.6 LOW | N/A |
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors. | |||||
CVE-2012-2693 | 1 Redhat | 1 Libvirt | 2013-01-14 | 3.7 LOW | N/A |
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. |