Main Vulnerability Database SB2011081002

SB2011081002 - Multiple vulnerabilities in libvirt

Published: August 10, 2011 Updated: August 11, 2020

Security Bulletin ID SB2011081002

Severity

Low

Patch available

YES

Number of vulnerabilities 2

Exploitation vector Remote access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 2 secuirty vulnerabilities.

1) Input validation error (CVE-ID: CVE-2011-2178)

The vulnerability allows a local #AU# to gain access to sensitive information.

The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a sizeof call, which causes incorrect processing of "security manager private data" that "reopens disk probing" and might allow guest OS users to read arbitrary files on the host OS. NOTE: this vulnerability exists because of a CVE-2010-2238 regression.

2) Input validation error (CVE-ID: CVE-2011-2511)

The vulnerability allows a remote #AU# to perform service disruption.

Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly execute arbitrary code via a crafted VirDomainGetVcpus RPC call that triggers memory corruption.

Remediation

Install update from vendor's website.

SB2011081002 - Multiple vulnerabilities in libvirt

Breakdown by Severity

Description

Remediation

References

Please verify you're human