Search CVE reports


Toggle filters

31 – 40 of 93 results


CVE-2016-10746

Medium priority
Ignored

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2019-3886

Low priority
Fixed

An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial...

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Fixed Not affected Not affected
Show less packages

CVE-2019-3840

Medium priority
Fixed

A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Fixed Fixed
Show less packages

CVE-2017-2635

Low priority
Not affected

A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Not affected
Show less packages

CVE-2015-5160

Low priority
Ignored

libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Ignored
Show less packages

CVE-2018-3639

Medium priority

Some fixes available 61 of 71

Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with...

152 affected packages

intel-microcode, libvirt, linux, linux-allwinner, linux-allwinner-5.19...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
intel-microcode Not affected Not affected Not affected Fixed Fixed
libvirt Fixed Fixed Fixed Fixed Fixed
linux Not affected Not affected Not affected Fixed Fixed
linux-allwinner Not in release Not in release Not in release Not in release Not in release
linux-allwinner-5.19 Not in release Not affected Not in release Not in release Not in release
linux-aws Not affected Not affected Not affected Fixed Fixed
linux-aws-5.0 Not in release Not in release Not in release Not affected Not in release
linux-aws-5.11 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.13 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.19 Not in release Not affected Not in release Not in release Not in release
linux-aws-5.3 Not in release Not in release Not in release Not affected Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-5.8 Not in release Not in release Not affected Not in release Not in release
linux-aws-6.2 Not in release Not affected Not in release Not in release Not in release
linux-aws-6.5 Not in release Not affected Not in release Not in release Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Not in release
linux-aws-hwe Not in release Not in release Not in release Not in release Not affected
linux-azure Not affected Not affected Not affected Fixed Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.11 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.13 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.19 Not in release Not affected Not in release Not in release Not in release
linux-azure-5.3 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.8 Not in release Not in release Not affected Not in release Not in release
linux-azure-6.2 Not in release Not affected Not in release Not in release Not in release
linux-azure-6.5 Not in release Not affected Not in release Not in release Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Fixed Not in release
linux-azure-fde Not in release Not affected Not affected Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fde-5.19 Not in release Not affected Not in release Not in release Not in release
linux-azure-fde-6.2 Not in release Not affected Not in release Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Not in release
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-dell300x Not in release Not in release Not in release Not affected Not in release
linux-euclid Not in release Not in release Not in release Not in release Ignored
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Not in release Not in release Not in release Ignored
linux-gcp Not affected Not affected Not affected Fixed Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.11 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.13 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.19 Not in release Not affected Not in release Not in release Not in release
linux-gcp-5.3 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.8 Not in release Not in release Not affected Not in release Not in release
linux-gcp-6.2 Not in release Not affected Not in release Not in release Not in release
linux-gcp-6.5 Not in release Not affected Not in release Not in release Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-edge Not in release Not in release Not in release Fixed Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Not in release
linux-gke Not affected Not affected Not affected Not in release Ignored
linux-gke-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gke-5.0 Not in release Not in release Not in release Not affected Not in release
linux-gke-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gke-5.3 Not in release Not in release Not in release Not affected Not in release
linux-gke-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gkeop-5.4 Not in release Not in release Not in release Not affected Not in release
linux-goldfish Not in release Not in release Not in release Not in release Ignored
linux-grouper Not in release Not in release Not in release Not in release Not in release
linux-hwe Not in release Not in release Not in release Not affected Fixed
linux-hwe-5.11 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.13 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.19 Not in release Not affected Not in release Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-5.8 Not in release Not in release Not affected Not in release Not in release
linux-hwe-6.2 Not in release Not affected Not in release Not in release Not in release
linux-hwe-6.5 Not in release Not affected Not in release Not in release Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Fixed
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-5.13 Not in release Not in release Not affected Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Fixed Fixed
linux-laptop Not in release Not in release Not in release Not in release Not in release
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-5.19 Not in release Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-6.2 Not in release Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-6.5 Not in release Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release Not in release Not in release Not in release
linux-lts-utopic Not in release Not in release Not in release Not in release Not in release
linux-lts-vivid Not in release Not in release Not in release Not in release Not in release
linux-lts-wily Not in release Not in release Not in release Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release Not in release Not in release Not in release
linux-mako Not in release Not in release Not in release Not in release Ignored
linux-manta Not in release Not in release Not in release Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.2 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Fixed Fixed
linux-oem-5.10 Not in release Not in release Not affected Not in release Not in release
linux-oem-5.13 Not in release Not in release Not affected Not in release Not in release
linux-oem-5.14 Not in release Not in release Not affected Not in release Not in release
linux-oem-5.17 Not in release Not affected Not in release Not in release Not in release
linux-oem-5.6 Not in release Not in release Not affected Not in release Not in release
linux-oem-6.0 Not in release Not affected Not in release Not in release Not in release
linux-oem-6.1 Not in release Not affected Not in release Not in release Not in release
linux-oem-6.11 Not affected Not in release Not in release Not in release Not in release
linux-oem-6.5 Not in release Not affected Not in release Not in release Not in release
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oem-osp1 Not in release Not in release Not in release Not affected Not in release
linux-oracle Not affected Not affected Not affected Not affected Not affected
linux-oracle-5.0 Not in release Not in release Not in release Not affected Not in release
linux-oracle-5.11 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.13 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.3 Not in release Not in release Not in release Not affected Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-5.8 Not in release Not in release Not affected Not in release Not in release
linux-oracle-6.5 Not in release Not affected Not in release Not in release Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Not affected Fixed Fixed
linux-raspi2-5.3 Not in release Not in release Not in release Not affected Not in release
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Not affected Not affected Not in release Not in release
linux-riscv-5.11 Not in release Not in release Not affected Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-5.19 Not in release Not affected Not in release Not in release Not in release
linux-riscv-5.8 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.5 Not in release Not affected Not in release Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Fixed Fixed
linux-starfive Not in release Not in release Not in release Not in release Not in release
linux-starfive-5.19 Not in release Not affected Not in release Not in release Not in release
linux-starfive-6.2 Not in release Not affected Not in release Not in release Not in release
linux-starfive-6.5 Not in release Not affected Not in release Not in release Not in release
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
qemu Fixed Fixed Fixed Fixed Fixed
qemu-kvm Not in release Not in release Not in release Not in release Not in release
xen Not affected Not affected Not affected Not affected Needs evaluation
Show all 152 packages Show less packages

CVE-2018-1064

Low priority
Fixed

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Not affected Fixed Fixed
Show less packages

CVE-2018-6764

Low priority
Fixed

util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Fixed
Show less packages

CVE-2018-5748

Low priority
Fixed

qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.

1 affected package

libvirt

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
libvirt Not affected Not affected Fixed
Show less packages

CVE-2017-5715

High priority

Some fixes available 45 of 56

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

87 affected packages

amd64-microcode, firefox, intel-microcode, libvirt, linux...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
amd64-microcode Not affected Not affected Not affected Fixed Fixed
firefox Not affected Not affected Not affected Fixed Fixed
intel-microcode Not affected Not affected Not affected Not affected Fixed
libvirt Not affected Not affected Not affected Not affected Fixed
linux Not affected Not affected Not affected Not affected Fixed
linux-aws Not affected Not affected Not affected Not affected Fixed
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Not affected
linux-azure Not affected Not affected Not affected Not affected Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Not affected Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Fixed
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Not affected Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Not affected Fixed
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Fixed
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Not affected Fixed
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-quantal Not in release Not in release
linux-lts-raring Not in release Not in release
linux-lts-saucy Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Not affected Fixed
linux-oem-6.11 Not affected Not in release Not in release Not in release Not in release
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Not affected Fixed
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Not affected Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
qemu Not affected Not affected Not affected Fixed Fixed
qemu-kvm Not in release Not in release
webkit2gtk Not affected Not affected Not affected Not affected Fixed
Show all 87 packages Show less packages