Alerts This Week
Warning Icon 1 1,308
Alerts This Week
Warning Icon 1 1,308

Ubuntu 25.10: libvirt Critical DoS CVE-2025-12748 USN-7047-1

ubuntu
Calendar Grey January 8, 2026
Dist Ubuntu Esm H88
Several security issues in libvirt addressed in Ubuntu updates for various versions, including denial of service threats.
Several security issues were fixed in libvirt.

Summary

Several security issues were fixed in libvirt.

Software Description:

- libvirt: Libvirt virtualization toolkit

Details:

It was discovered that libvirt parsed user-provided XML files before

performing ACL checks. An attacker could possibly use this issue to cause

libvirt to consume memory, resulting in a denial of service.

(CVE-2025-12748)

It was discovered that libvirt incorrectly handled permissions on external

inactive snapshots. A local attacker could possibly use this issue to

obtain sensitive guest contents. (CVE-2025-13193)

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu local attack libvirt

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.10
  libvirt-daemon                  11.6.0-1ubuntu3.2
  libvirt-daemon-system           11.6.0-1ubuntu3.2
  libvirt0                        11.6.0-1ubuntu3.2

Ubuntu 25.04
  libvirt-daemon                  11.0.0-2ubuntu6.5
  libvirt-daemon-system           11.0.0-2ubuntu6.5
  libvirt0                        11.0.0-2ubuntu6.5

Ubuntu 24.04 LTS
  libvirt-daemon                  10.0.0-2ubuntu8.11
  libvirt-daemon-system           10.0.0-2ubuntu8.11
  libvirt0                        10.0.0-2ubuntu8.11

Ubuntu 22.04 LTS
  libvirt-daemon                  8.0.0-1ubuntu7.15
  libvirt-daemon-system           8.0.0-1ubuntu7.15
  libvirt0                        8.0.0-1ubuntu7.15

After a standard system update you need to reboot your computer to make
all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7047-1

CVE-2025-12748, CVE-2025-13193

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7047-1

Topics%20covered

Topics Covered

security advisory denial of service critical Ubuntu local attack libvirt

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here