Alerts This Week
Warning Icon 1 637
Alerts This Week
Warning Icon 1 637

Ubuntu 11.04 LTS USN-1180-2 Moderate: Libvirt Service Interruption

Calendar Jul 28, 2011 User Avatar LinuxSecurity Advisories
1 min read
Ubuntu Large Esm H500
Topics%20covered

Topics Covered

security advisory moderate denial of service Ubuntu libvirt authenticated access
An authenticated attacker could send crafted input to libvirt and cause it to crash. 
=========================================================================Ubuntu Security Notice USN-1180-1
July 28, 2011

libvirt vulnerability
=========================================================================
A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 11.04
- Ubuntu 10.10
- Ubuntu 10.04 LTS

Summary:

An authenticated attacker could send crafted input to libvirt and cause it
to crash.

Software Description:
- libvirt: Libvirt virtualization toolkit

Details:

Eric Blake discovered an integer overflow flaw in libvirt. A remote
authenticated attacker could exploit this by sending a crafted VCPU RPC
call and cause a denial of service via application crash.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 11.04:
  libvirt-bin                     0.8.8-1ubuntu6.5

Ubuntu 10.10:
  libvirt-bin                     0.8.3-1ubuntu19.1

Ubuntu 10.04 LTS:
  libvirt-bin                     0.7.5-5ubuntu27.16

In general, a standard system update will make all the necessary changes.

References:
  
  CVE-2011-2511

Package Information:
  https://launchpad.net/ubuntu/+source/libvirt/0.8.8-1ubuntu6.5
  https://launchpad.net/ubuntu/+source/libvirt/0.8.3-1ubuntu19.1
  https://launchpad.net/ubuntu/+source/libvirt/0.7.5-5ubuntu27.16

Ubuntu 11.04 LTS USN-1180-2 Moderate: Libvirt Service Interruption

ubuntu
Calendar Grey July 28, 2011
Dist Ubuntu Esm H88
A verified intruder could leverage a vulnerability in libvirt, resulting in service disruption on the impacted releases of Ubuntu.
An authenticated attacker could send crafted input to libvirt and cause it to crash.

Summary

Topics%20covered

Topics Covered

security advisory moderate denial of service Ubuntu libvirt authenticated access

Update Instructions

The problem can be corrected by updating your system to the following package versions: Ubuntu 11.04: libvirt-bin 0.8.8-1ubuntu6.5 Ubuntu 10.10: libvirt-bin 0.8.3-1ubuntu19.1 Ubuntu 10.04 LTS: libvirt-bin 0.7.5-5ubuntu27.16 In general, a standard system update will make all the necessary changes.

References

CVE-2011-2511

July 28, 2011

Topics%20covered

Topics Covered

security advisory moderate denial of service Ubuntu libvirt authenticated access

Package Information

https://launchpad.net/ubuntu/+source/libvirt/0.8.8-1ubuntu6.5 https://launchpad.net/ubuntu/+source/libvirt/0.8.3-1ubuntu19.1 https://launchpad.net/ubuntu/+source/libvirt/0.7.5-5ubuntu27.16

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here