Libvirt Security Notice Index
2020
LSN-2020-0001 (CVE-2020-10703): Denial of Service via storage pools without target paths
LSN-2020-0002 (CVE-2020-14301): Leak of sensitive cookie information
LSN-2020-0003 (CVE-2020-10703): Leak of /dev/mapper/control into QEMU guest namespace
2019
LSN-2019-0001 (CVE-2019-3886): virDomainGetHostname and virDomainGetTime don't enforce read-only perms
LSN-2019-0002 (CVE-2019-3840): Crash after running guest agent command to fetch interfaces
LSN-2019-0003 (CVE-2019-10132): Insecure permissions for systemd socket for virtlockd/virtlogd
LSN-2019-0004 (CVE-2019-10161): virDomainSaveImageGetXMLDesc does not check for read-only connection
LSN-2019-0005 (CVE-2019-10166): virDomainManagedSaveDefineXML does not check for read-only connection
LSN-2019-0006 (CVE-2019-10167): virConnectGetDomainCapabilities does not check for read-only connection
LSN-2019-0007 (CVE-2019-10168): virConnect*HypervisorCPU do not check for read-only connection
LSN-2019-0008 (CVE-2019-11135): Transactional Synchronization Extensions (TSX) Asynchronous Abort
LSN-2019-0009 (CVE-2019-20485): QEMU agent denial of service
2018
LSN-2018-0001 (CVE-2017-5715): Spectre variant 2 branch target injection
LSN-2018-0002 (CVE-2018-5748): QEMU monitor denial of service
LSN-2018-0003 (CVE-2018-6764): Insecure usage of NSS modules during container startup
LSN-2018-0004 (CVE-2018-1064): QEMU agent denial of service
LSN-2018-0005 (CVE-2018-3639): Speculative Store Bypass
2017
LSN-2017-0001 (CVE-2017-2635): libvirtd crashes in virConnectGetAllDomainStats with empty cdrom
LSN-2017-0002 (CVE-2017-1000256): TLS certificate verification disabled for clients
2016
LSN-2016-0001 (CVE-2016-5008): Authentication disabled when setting empty VNC password
LSN-2016-0002 (CVE-2016-10746): Access to virDomainGetTime mistakenly allowed on read-only connection
2015
LSN-2015-0001 (CVE-2015-0236): snapshots and save images leak VNC passwords
LSN-2015-0002: small memory leak in ListAll APIs
LSN-2015-0003 (CVE-2015-5247): denial of service through root-squash NFS storage pools
LSN-2015-0004 (CVE-2015-5313): ACL bypass using ../ to access beyond storage pool
2014
LSN-2014-0001 (CVE-2014-1447): libvirtd crashes if client closes connection early
LSN-2014-0002 (CVE-2014-0028): Missing access control check on events
LSN-2014-0003 (CVE-2014-0179): Unsafe parsing of XML documents allows arbitrary file read
LSN-2014-0004 (CVE-2014-3633): Querying blkiotune after disk hotplug can lead to libvirtd crash
LSN-2014-0005 (CVE-2014-3657): virConnectListAllDomains can deadlock
LSN-2014-0006: virDomainBlockRebase probes file formats in spite of explicit raw request
LSN-2014-0007 (CVE-2014-7823): virDomainGetXMLDesc leaks VNC passwords
LSN-2014-0008 (CVE-2014-8131): deadlock or segfault in virConnectGetAllDomainStats
LSN-2014-0009 (CVE-2014-8135): crash when using virStorageVolUpload
LSN-2014-0010 (CVE-2014-8136): deadlock on failed migration
2013
LSN-2013-0001 (CVE-2013-0170): Fix crash on error paths of message dispatching
LSN-2013-0002 (CVE-2013-1962): Leak of file descriptors when listing storage volumes
LSN-2013-0003 (CVE-2013-2218): Crash of libvirtd when listing host interfaces
LSN-2013-0004 (CVE-2013-2230): Crash in libvirtd registering events
LSN-2013-0005 (CVE-2013-4153): Crash after querying vCPU count from guest agent
LSN-2013-0006 (CVE-2013-4154): Crash of libvirtd without guest agent active
LSN-2013-0007 (CVE-2013-4239): Crash listing inactive domains in Xen driver
LSN-2013-0008 (CVE-2013-4291): Libvirt security driver does not clear supplementary groups
LSN-2013-0009 (CVE-2013-4292): Missing bounds checking on parameter count in migration API
LSN-2013-0010 (CVE-2013-4296): Crash when querying domain memory stats
LSN-2013-0011 (CVE-2013-4297): Invalid free when setting up NBD devices
LSN-2013-0012 (CVE-2013-4311): Insecure invocation of polkit for checking authorization
LSN-2013-0013 (CVE-2013-4399): Crash of libvirtd when ACLs are active and events registered
LSN-2013-0014 (CVE-2013-4400): virt-login-shell fails to secure setuid environment
LSN-2013-0015 (CVE-2013-4401): Incorrect permissions on XML conversion APIs
LSN-2013-0016 (CVE-2013-5651): Out of bounds access in bitmap array
LSN-2013-0017 (CVE-2013-6436): libvirtd daemon crash when reading memory tunables for LXC guest in shutoff status
LSN-2013-0018 (CVE-2013-6456): Unsafe usage of paths under /proc/$PID/root by the LXC driver
LSN-2013-0019 (CVE-2013-6457): libvirtd crash when reading numa tunables for libxl guest in shutoff status
LSN-2013-0020 (CVE-2013-6458): libvirtd crash when hot-plugging disks for qemu domains
LSN-2013-0021 (CVE-2013-7336): libvirtd crash during seamless SPICE migration
2012
LSN-2012-0001 (CVE-2012-3411): DNS configured to answer DNS queries from non-virtual networks
LSN-2012-0002 (CVE-2012-3445): Fix crash in libvirt clearing API parameters
LSN-2012-0003 (CVE-2012-4423): Crash of libvirt when dispatching illegal RPC procedure
2011
LSN-2011-0001 (CVE-2011-1146): Missing checks for read only connections on many APIs
LSN-2011-0002 (CVE-2011-1486): Error reporting in libvirtd is not thread safe
LSN-2011-0003 (CVE-2011-2178): Security manager does not disable disk probing
2010
LSN-2010-0001 (CVE-2010-2237): Ignoring main disk format when looking up disk backing stores
LSN-2010-0002 (CVE-2010-2238): Ignoring backing store format when recursing into disk image backing stores
LSN-2010-0003 (CVE-2010-2239): Not setting user defined backing store format when creating new image
LSN-2010-0004 (CVE-2010-2242): Improperly mapped virtual network source privileged ports
2009
LSN-2009-0001 (CVE-2009-0036): Incorrect buffer checks in setuid proxy
2008
LSN-2008-0001 (CVE-2008-5086): Missing checks for read only connections on many APIs
Other resources:
List of security notices in XML
Description of the libvirt security notice XML schema