Filtered by vendor Redhat
Subscriptions
Filtered by product Libvirt
Subscriptions
Total
72 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2013-2218 | 1 Redhat | 1 Libvirt | 2024-11-21 | N/A |
Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote attackers to cause a denial of service (libvirtd crash) via a filtering flag that causes an interface to be skipped, as demonstrated by the "virsh iface-list --inactive" command. | ||||
CVE-2013-1962 | 1 Redhat | 2 Enterprise Linux, Libvirt | 2024-11-21 | N/A |
The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial of service (file descriptor consumption) via a large number of requests "to list all volumes for the particular pool." | ||||
CVE-2013-1766 | 1 Redhat | 1 Libvirt | 2024-11-21 | N/A |
libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors. | ||||
CVE-2013-0170 | 5 Canonical, Fedoraproject, Opensuse and 2 more | 12 Ubuntu Linux, Fedora, Opensuse and 9 more | 2024-11-21 | N/A |
Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue. | ||||
CVE-2012-4423 | 1 Redhat | 2 Enterprise Linux, Libvirt | 2024-11-21 | N/A |
The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer dereference and segmentation fault) via an RPC call with (1) an event as the RPC number or (2) an RPC number whose value is in a "gap" in the RPC dispatch table. | ||||
CVE-2012-3445 | 1 Redhat | 2 Enterprise Linux, Libvirt | 2024-11-21 | N/A |
The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might allow remote authenticated users to cause a denial of service (libvirtd crash) via an RPC command with nparams set to zero, which triggers an out-of-bounds read or a free of an invalid pointer. | ||||
CVE-2012-2693 | 1 Redhat | 4 Enterprise Linux, Libvirt, Rhel Virtualization and 1 more | 2024-11-21 | N/A |
libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and product ID, which might cause the wrong device to be associated with a guest and might allow local users to access unintended USB devices. | ||||
CVE-2011-4600 | 2 Canonical, Redhat | 3 Ubuntu Linux, Libvirt, Rhel Eus | 2024-11-21 | N/A |
The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on bridge networks when libvirtd is restarted, which might allow remote attackers to bypass intended access restrictions via a (1) DNS or (2) DHCP query. | ||||
CVE-2011-2511 | 1 Redhat | 3 Enterprise Linux, Libvirt, Rhel Virtualization | 2024-11-21 | N/A |
Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption. | ||||
CVE-2011-2178 | 1 Redhat | 1 Libvirt | 2024-11-21 | N/A |
The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression. | ||||
CVE-2011-1486 | 1 Redhat | 3 Enterprise Linux, Libvirt, Rhel Virtualization | 2024-11-21 | N/A |
libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service (crash) by causing multiple threads to report errors at the same time. | ||||
CVE-2011-1146 | 1 Redhat | 3 Enterprise Linux, Libvirt, Rhel Virtualization | 2024-11-21 | N/A |
libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086. |