|
|
Subscribe / Log in / New account

libvirt: multiple vulnerabilities

Package(s):libvirt CVE #(s):CVE-2013-4311 CVE-2013-4296 CVE-2013-5651
Created:September 19, 2013 Updated:November 25, 2013
Description: From the Ubuntu advisory:

It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. (CVE-2013-4311)

It was discovered that libvirt incorrectly handled certain memory stats requests. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 12.10, and Ubuntu 13.04. (CVE-2013-4296)

It was discovered that libvirt incorrectly handled certain bitmap operations. A remote attacker could use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 13.04. (CVE-2013-5651)

Alerts:
Gentoo 201412-04 libvirt 2014-12-09
Gentoo 201406-27 polkit, Spice-Gtk, systemd, HPLIP, libvirt 2014-06-26
CentOS CESA-2013:X014 libvirt 2013-11-25
openSUSE openSUSE-SU-2013:1549-1 libvirt 2013-10-15
openSUSE openSUSE-SU-2013:1550-1 libvirt 2013-10-15
Mageia MGASA-2013-0294 libvirt 2013-10-05
Fedora FEDORA-2013-17618 libvirt 2013-10-02
Fedora FEDORA-2013-17305 libvirt 2013-10-01
Debian DSA-2764-1 libvirt 2013-09-25
Scientific Linux SLSA-2013:1272-1 libvirt 2013-09-19
Oracle ELSA-2013-1272 libvirt 2013-09-19
CentOS CESA-2013:1272 libvirt 2013-09-20
Red Hat RHSA-2013:1272-01 libvirt 2013-09-19
Ubuntu USN-1954-1 libvirt 2013-09-18
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds