Mageia 7: MGASA-2020-0250 Moderate: Libvirt Denial Of Service
mageia
June 10, 2020
Advisory text to describe the update
Summary
Advisory text to describe the update.
Wrap lines at ~75 chars.
Updated libvirt packages fix security vulnerability:
It was discovered that libvirt incorrectly handled an active pool without
a target path. A remote attacker could possibly use this issue to cause
libvirt to crash, resulting in a denial of service (CVE-2020-10703).
It was discovered that libvirt incorrectly handled memory when retrieving
certain domain statistics. A remote attacker could possibly use this issue to
cause libvirt to consume resources, resulting in a denial of service
(CVE-2020-12430).
References
- https://bugs.mageia.org/show_bug.cgi?id=26600
- https://ubuntu.com/security/notices/USN-4371-1
- https://www.cve.org/CVERecord?id=CVE-2020-10703
- https://www.cve.org/CVERecord?id=CVE-2020-12430
Resolution
SRPMS
- 7/core/libvirt-5.5.0-1.1.mga7
PREVIOUS
NEXT
Publication date: 10 Jun 2020
URL: https://advisories.mageia.org/MGASA-2020-0250.html
Type: security
CVE: CVE-2020-10703,
CVE-2020-12430
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!