libvirt could be made to crash under certain conditions.
Software Description:
- libvirt: Libvirt virtualization toolkit
Details:
It was discovered that libvirt incorrectly handled waiting for certain
agent events. An attacker inside a guest could possibly use this issue to
cause libvirtd to stop responding, resulting in a denial of service.
The problem can be corrected by updating your system to the following package versions: Ubuntu 18.10: libvirt-clients 4.6.0-2ubuntu3.4 libvirt-daemon 4.6.0-2ubuntu3.4 libvirt0 4.6.0-2ubuntu3.4 Ubuntu 18.04 LTS: libvirt-clients 4.0.0-1ubuntu8.8 libvirt-daemon 4.0.0-1ubuntu8.8 libvirt0 4.0.0-1ubuntu8.8 Ubuntu 16.04 LTS: libvirt-bin 1.3.1-1ubuntu10.25 libvirt0 1.3.1-1ubuntu10.25 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-3909-1
CVE-2019-3840
Get the latest Linux and open source security news straight to your inbox.