Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2023:3715

Опубликовано: 31 авг. 2023
Источник: rocky
Оценка: Moderate

Описание

Moderate: libvirt security update

The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems.

Security Fix(es):

  • libvirt: Memory leak in virPCIVirtualFunctionList cleanup (CVE-2023-2700)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
libvirtx86_6410.2.el9_2libvirt-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-clientx86_6410.2.el9_2libvirt-client-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemonx86_6410.2.el9_2libvirt-daemon-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-config-networkx86_6410.2.el9_2libvirt-daemon-config-network-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-config-nwfilterx86_6410.2.el9_2libvirt-daemon-config-nwfilter-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-driver-interfacex86_6410.2.el9_2libvirt-daemon-driver-interface-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-driver-networkx86_6410.2.el9_2libvirt-daemon-driver-network-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-driver-nodedevx86_6410.2.el9_2libvirt-daemon-driver-nodedev-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-driver-nwfilterx86_6410.2.el9_2libvirt-daemon-driver-nwfilter-9.0.0-10.2.el9_2.x86_64.rpm
libvirt-daemon-driver-qemux86_6410.2.el9_2libvirt-daemon-driver-qemu-9.0.0-10.2.el9_2.x86_64.rpm

Показывать по

Связанные CVE

CVE-2023-2700

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2023-2700

CVSS3: 5.5
ubuntu
около 2 лет назад

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

redhat логотип

CVE-2023-2700

CVSS3: 6.3
redhat
около 2 лет назад

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

nvd логотип

CVE-2023-2700

CVSS3: 5.5
nvd
около 2 лет назад

A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that exposes a memory leak caused by a failure to free the virPCIVirtualFunction array within the parent struct's g_autoptr cleanup.

msrc логотип

CVE-2023-2700

CVSS3: 5.5
msrc
около 1 года назад

Описание отсутствует

debian логотип

CVE-2023-2700

CVSS3: 5.5
debian
около 2 лет назад

A vulnerability was found in libvirt. This security flaw ouccers due t ...