Download
| Alert*
oval:org.secpod.oval:def:89051694
This update for libvirt fixes the following issues: * CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces . * CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStatus oval:org.secpod.oval:def:127407 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:127380 Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux . The main package includes the libvirtd server exporting the virtualization support. oval:org.secpod.oval:def:99585 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:708878 libvirt: Libvirt virtualization toolkit Several security issues were fixed in libvirt. oval:org.secpod.oval:def:1507501 [10.0.0-6.2.0.1] - Set SOURCE_DATE_EPOCH from changelog [Orabug: 32019554] [10.0.0-6.2.el9_4] - qemu: Fix migration with custom XML [10.0.0-6.1.el9_4] - Fix off-by-one error in udevListInterfacesByStatus - remote: check for negative array lengths before allocation oval:org.secpod.oval:def:1702238 An off-by-one error flaw was found in the udevListInterfacesByStatus function in libvirt when the number of interfaces exceeds the size of the 'names' array. This issue can be reproduced by sending specially crafted data to the libvirt daemon, allowing an unprivileged client to perform a denial of s ... oval:org.secpod.oval:def:708917 libvirt: Libvirt virtualization toolkit Details: USN-6734-1 fixed vulnerabilities in libvirt. This update provides the corresponding updates for Ubuntu 24.04 LTS. Original advisory Several security issues were fixed in libvirt. oval:org.secpod.oval:def:89051727 This update for libvirt fixes the following issues: * CVE-2024-2494: Add a check for negative array lengths before allocation to prevent potential DoS. * CVE-2024-2496: Fixed NULL pointer dereference in udevConnectListAllInterfaces . * CVE-2024-1441: Fix off-by-one error in udevListInterfacesByStat ... oval:org.secpod.oval:def:509289 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. Security Fixes: libvirt: off-by-one error in udevListInterfacesByStatus libv ... |