CVE-2016-10746
https://notcve.org/view.php?id=CVE-2016-10746
libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW connection was supposed to be required, a different vulnerability than CVE-2019-3886. libvirt-domain.c en libvirt versiones anteriores a la 1.3.1 soporta las llamadas a la API virDomainGetTime por agentes invitados con una conexión RO, aunque se suponía que se requería una conexión RW, es una vulnerabilidad diferente de CVE-2019-3886. • https://github.com/libvirt/libvirt/commit/506e9d6c2d4baaf580d489fff0690c0ff2ff588f https://github.com/libvirt/libvirt/compare/11288f5...8fd6867 https://lists.debian.org/debian-lts-announce/2019/04/msg00032.html • CWE-254: 7PK - Security Features •
CVE-2019-3840 – libvirt: NULL pointer dereference after running qemuAgentCommand in qemuAgentGetInterfaces function
https://notcve.org/view.php?id=CVE-2019-3840
A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service. Se ha descubierto un error de desreferencia de puntero NULL en libvirt, en versiones anteriores a la 5.0.0, en la forma en la que obtiene información de la interfaz mediante el agente QEMU. Un atacante en una máquina virtual invitada puede emplear este error para provocar el cierre inesperado de libvirtd y provocar una denegación de servicio (DoS). A NULL pointer dereference flaw was discovered in libvirt in the way it gets interface information through the QEMU agent. • http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00101.html http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00105.html https://access.redhat.com/errata/RHSA-2019:2294 https://bugzilla.redhat.com/show_bug.cgi?id=1663051 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3840 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TZRP2BRMI4RYFRPNFTTIAAUOGVN2ORP7 https://www.redhat.com/archives/libvir-list/2019-January/msg00241.html https& • CWE-476: NULL Pointer Dereference •
CVE-2017-2635
https://notcve.org/view.php?id=CVE-2017-2635
A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could use this flaw to crash libvirtd daemon resulting in denial of service. Se ha detectado un defecto de desferencia del puntero NULL en la forma en la que libvirt desde la versión 2.5.0 hasta la 3.0.0 manejaba las unidades vacías. Un atacante autenticado remoto podría usar este defecto para provocar el cierre inesperado del demonio libvirtd, lo que provocaría una denegación de servicio (DoS). • https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-2635 https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=c3de387380f6057ee0e46cd9f2f0a092e8070875 • CWE-476: NULL Pointer Dereference •
CVE-2018-1064 – libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent
https://notcve.org/view.php?id=CVE-2018-1064
libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. libvirt, en versiones anteriores a la 4.2.0-rc1 es vulnerable a un agotamiento de recursos como resultado de una solución incompleta para CVE-2018-5748 que afecta al monitor QEMU, pero que ahora también puede desencadenarse mediante el agente invitado de QEMU. An incomplete fix for CVE-2018-5748 that affects QEMU monitor leading to a resource exhaustion but now also triggered via QEMU guest agent. • https://access.redhat.com/errata/RHSA-2018:1396 https://access.redhat.com/errata/RHSA-2018:1929 https://bugzilla.redhat.com/show_bug.cgi?id=1550672 https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513 https://lists.debian.org/debian-lts-announce/2018/03/msg00018.html https://usn.ubuntu.com/3680-1 https://www.debian.org/security/2018/dsa-4137 https://access.redhat.com/security/cve/CVE-2018-1064 • CWE-400: Uncontrolled Resource Consumption •
CVE-2017-1000256
https://notcve.org/view.php?id=CVE-2017-1000256
libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a failure to validate SSL/TLS certificates by default. libvirt en sus versiones 2.3.0 y posteriores es vulnerable a una mala configuración por defecto de "verify-peer=no" que libvirt pasa a QEMU. Esto da lugar a un error a la hora de validar certificados SSL/TLS por defecto. • http://www.debian.org/security/2017/dsa-4003 https://access.redhat.com/security/cve/CVE-2017-1000256 https://www.mail-archive.com/debian-bugs-dist%40lists.debian.org/msg1556251.html https://www.redhat.com/archives/libvirt-announce/2017-October/msg00001.html • CWE-295: Improper Certificate Validation •