Download
| Alert*
oval:org.secpod.oval:def:116653
Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:55540 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:705021 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:1902013 Insecure permissions for systemd socket for virtlockd/virtlogd The virtlockd-admin.socket and virtlogd-admin.socket unit files do not set the SocketMode parameter and thus create a world accessible UNIX domain socket. Furthermore the code fails to validate the identity of clients connecting to these ... oval:org.secpod.oval:def:1504072 [5.0.0-4.el7] - logging: restrict sockets to mode 0600 [Orabug: 29861433] {CVE-2019-10132} - locking: restrict sockets to mode 0600 [Orabug: 29861433] {CVE-2019-10132} - admin: reject clients unless their UID matches the current UID [Orabug: 29861433] {CVE-2019-10132} oval:org.secpod.oval:def:205211 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * libvirt: wrong permissions in systemd admin-sock due to missi ... oval:org.secpod.oval:def:502735 Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtua ... oval:org.secpod.oval:def:502734 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fix: * libvirt: wrong permissions in systemd admin-sock due to missi ... oval:org.secpod.oval:def:1502665 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1504742 [5.0.0-4.el7] - logging: restrict sockets to mode 0600 [Orabug: 29861433] {CVE-2019-10132} - locking: restrict sockets to mode 0600 [Orabug: 29861433] {CVE-2019-10132} - admin: reject clients unless their UID matches the current UID [Orabug: 29861433] {CVE-2019-10132} oval:org.secpod.oval:def:1502524 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116833 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:1700215 Uncacheable memory on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. Modern Intel microprocessors implement hardware-level micro-optimizations to improve the performance of writin ... oval:org.secpod.oval:def:89050887 This update for libvirt fixes the following issues: Four new speculative execution information leak issues have been identified in Intel CPUs. - CVE-2018-12126: Microarchitectural Store Buffer Data Sampling - CVE-2018-12127: Microarchitectural Fill Buffer Data Sampling - CVE-2018-12130: Microarch ... |