Количество 24
Количество 24
CVE-2014-3657
The virDomainListPopulate function in conf/domain_conf.c in libvirt be ...
GHSA-gq49-7wvq-p22q
The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.
GHSA-543q-9rm2-x5f3
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command.
SUSE-SU-2015:0241-1
Security update for libvirt
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
| CVE-2014-3657 The virDomainListPopulate function in conf/domain_conf.c in libvirt be ... | CVSS2: 5 | 1% Низкий | почти 11 лет назад |
| GHSA-gq49-7wvq-p22q The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read. | 4% Низкий | больше 3 лет назад | |
| GHSA-543q-9rm2-x5f3 The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command. | 1% Низкий | больше 3 лет назад | |
 | SUSE-SU-2015:0241-1 Security update for libvirt | больше 10 лет назад |
Уязвимостей на страницу