Vulnerabilities > Redhat > Libvirt > 0.7.7

DATE CVE VULNERABILITY TITLE RISK
2022-08-23 CVE-2021-3975 Use After Free vulnerability in multiple products
A use-after-free flaw was found in libvirt.
6.5
2022-03-25 CVE-2021-4147 Improper Locking vulnerability in multiple products
A flaw was found in the libvirt libxl driver.
local
low complexity
redhat fedoraproject netapp CWE-667
6.5
2022-03-25 CVE-2022-0897 Improper Locking vulnerability in multiple products
A flaw was found in the libvirt nwfilter driver.
network
low complexity
redhat netapp CWE-667
4.3
2022-03-02 CVE-2021-3631 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels.
local
high complexity
redhat netapp CWE-732
6.3
2022-03-02 CVE-2021-3667 Improper Locking vulnerability in multiple products
An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt.
network
low complexity
redhat netapp CWE-667
6.5
2021-05-27 CVE-2020-10701 Missing Authorization vulnerability in Redhat Libvirt
A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout.
network
low complexity
redhat CWE-862
4.0
2020-10-06 CVE-2020-25637 Double Free vulnerability in multiple products
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain.
local
low complexity
redhat opensuse CWE-415
6.7
2020-03-19 CVE-2019-20485 Improper Input Validation vulnerability in multiple products
qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
5.7
2019-07-30 CVE-2019-10161 Missing Authorization vulnerability in multiple products
It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc() API, specifying an arbitrary path which would be accessed with the permissions of the libvirtd process.
local
low complexity
redhat canonical CWE-862
7.8
2019-05-22 CVE-2019-10132 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units.
network
low complexity
redhat fedoraproject CWE-732
8.8