Known Vulnerabilities for Libvirt by Redhat
Listed below are 10 of the newest known vulnerabilities associated with "Libvirt" by "Redhat".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-3975 | A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called usi... | 6.5 - MEDIUM | 2022-08-23 | 2024-04-01 |
| CVE-2021-3667 | An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLooku... | 6.5 - MEDIUM | 2022-03-02 | 2024-04-01 |
| CVE-2021-3631 | A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one explo... | 6.3 - MEDIUM | 2022-03-02 | 2024-04-01 |
| CVE-2021-3559 | A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. It only affects hosts with a PC... | 6.5 - MEDIUM | 2021-05-24 | 2022-04-26 |
| CVE-2020-25637 | A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting inform... | 6.7 - MEDIUM | 2020-10-06 | 2024-04-01 |
| CVE-2020-14339 | A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file des... | 8.8 - HIGH | 2020-12-03 | 2022-11-07 |
| CVE-2020-14301 | An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-ba... | 6.5 - MEDIUM | 2021-05-27 | 2022-05-13 |
| CVE-2020-12430 | An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memo... | 6.5 - MEDIUM | 2020-04-28 | 2024-04-01 |
| CVE-2020-10703 | A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvi... | 6.5 - MEDIUM | 2020-06-02 | 2024-04-01 |
| CVE-2020-10701 | A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw... | 6.5 - MEDIUM | 2021-05-27 | 2022-05-13 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Redhat | Libvirt | 6.8.0 | - | All | All |
| Application | Redhat | Libvirt | 6.8.0 | rc1 | All | All |
| Application | Redhat | Libvirt | 6.8.0 | rc2 | All | All |
| Application | Redhat | Libvirt | 6.7.0 | - | All | All |
| Application | Redhat | Libvirt | 6.7.0 | rc1 | All | All |
| Application | Redhat | Libvirt | 6.7.0 | rc2 | All | All |
| Application | Redhat | Libvirt | 6.6.0 | - | All | All |
| Application | Redhat | Libvirt | 6.6.0 | rc1 | All | All |
| Application | Redhat | Libvirt | 6.5.0 | - | All | All |
| Application | Redhat | Libvirt | 6.5.0 | rc1 | All | All |
| Application | Redhat | Libvirt | 6.5.0 | rc2 | All | All |
| Application | Redhat | Libvirt | 6.4.0 | - | All | All |
| Application | Redhat | Libvirt | 6.4.0 | rc1 | All | All |
| Application | Redhat | Libvirt | 6.3.0 | - | All | All |
| Application | Redhat | Libvirt | 6.3.0 | rc1 | All | All |
| Application | Redhat | Libvirt | 6.2.0 | All | All | All |
| Application | Redhat | Libvirt | 6.1.0 | All | All | All |
| Application | Redhat | Libvirt | 6.0.0 | All | All | All |
| Application | Redhat | Libvirt | 5.9.0 | All | All | All |
| Application | Redhat | Libvirt | 5.8.0 | All | All | All |