National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:redhat:libvirt:0.1.6
There are 24 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2019-10132

A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode configuration parameter allows any user on the host to connect using virtlockd-admin-sock or virtlogd-admin-sock and perform administrative tasks against the virtlockd and virtlogd daemons.

Published: May 22, 2019; 02:29:00 PM -04:00
V3.0: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2016-10746

libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886.

Published: April 18, 2019; 12:29:00 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-3840

A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.

Published: March 27, 2019; 09:29:01 AM -04:00
V3.0: 6.3 MEDIUM
    V2: 3.5 LOW
CVE-2018-1064

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

Published: March 28, 2018; 02:29:00 PM -04:00
V3.0: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2016-5008

libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote attackers to bypass authentication and establish a VNC session by connecting to the server.

Published: July 13, 2016; 11:59:05 AM -04:00
V3.0: 9.8 CRITICAL
    V2: 4.3 MEDIUM
CVE-2014-3672

The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by writing to stdout or stderr.

Published: May 25, 2016; 11:59:00 AM -04:00
V3.0: 6.5 MEDIUM
    V2: 2.1 LOW
CVE-2015-0236

libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted (1) snapshot to the virDomainSnapshotGetXMLDesc interface or (2) image to the virDomainSaveImageGetXMLDesc interface.

Published: January 29, 2015; 10:59:00 AM -05:00
    V2: 3.5 LOW
CVE-2014-8131

The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due to ACL restrictions, which allows a remote authenticated users to cause a denial of service (deadlock or segmentation fault and crash) via a request to access the users does not have privileges to access.

Published: January 06, 2015; 10:59:04 AM -05:00
    V2: 4.0 MEDIUM
CVE-2013-4399

The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes event handler removal to be denied and remote attackers to cause a denial of service (use-after-free and crash) by registering an event handler and then closing the connection.

Published: December 12, 2014; 10:59:00 AM -05:00
    V2: 4.3 MEDIUM
CVE-2014-7823

The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the VIR_DOMAIN_XML_MIGRATABLE flag, which triggers the use of the VIR_DOMAIN_XML_SECURE flag.

Published: November 13, 2014; 04:32:04 PM -05:00
    V2: 5.0 MEDIUM
CVE-2013-7336

The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing seamless SPICE migration, which allows local users to cause a denial of service (NULL pointer dereference and libvirtd crash) by causing domblkstat to be called at the same time as the qemuMonitorGetSpiceMigrationStatus function.

Published: May 07, 2014; 06:55:03 AM -04:00
    V2: 1.9 LOW
CVE-2014-1447

Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of service (libvirtd crash) by closing a connection before a keepalive response is sent.

Published: January 24, 2014; 01:55:04 PM -05:00
    V2: 3.3 LOW
CVE-2013-6458

Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4) virDomainGetBlockIoTune functions in libvirt before 1.2.1 do not properly verify that the disk is attached, which allows remote read-only attackers to cause a denial of service (libvirtd crash) via the virDomainDetachDeviceFlags command.

Published: January 24, 2014; 01:55:04 PM -05:00
    V2: 6.8 MEDIUM
CVE-2013-6457

The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize the nodemap, which allows local users to cause a denial of service (invalid free operation and crash) or possibly execute arbitrary code via an inactive domain to the virsh numatune command.

Published: January 24, 2014; 01:55:04 PM -05:00
    V2: 5.2 MEDIUM
CVE-2013-5651

The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read and crash) via a crafted bitmap, as demonstrated by a large nodeset value to numatune.

Published: September 30, 2013; 05:55:09 PM -04:00
    V2: 5.0 MEDIUM
CVE-2013-4297

The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial of service (uninitialized pointer dereference and crash) via unspecified vectors.

Published: September 30, 2013; 05:55:09 PM -04:00
    V2: 4.0 MEDIUM
CVE-2013-4154

The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via vectors related to "agent based cpu (un)plug," as demonstrated by the "virsh vcpucount foobar --guest" command.

Published: September 30, 2013; 05:55:09 PM -04:00
    V2: 4.3 MEDIUM
CVE-2013-2230

The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash) via unspecified vectors involving "multiple events registration."

Published: September 30, 2013; 05:55:09 PM -04:00
    V2: 4.0 MEDIUM
CVE-2013-1766

libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified vectors.

Published: March 20, 2013; 11:55:00 AM -04:00
    V2: 3.6 LOW
CVE-2013-0170

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by triggering certain errors during an RPC connection, which causes a message to be freed without being removed from the message queue.

Published: February 08, 2013; 03:55:01 PM -05:00
    V2: 9.3 HIGH