Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in libvirt.
Software Description:
- libvirt: Libvirt virtualization toolkit
Details:
It was discovered that libvirt incorrectly handled an active pool without a
target path. A remote attacker could possibly use this issue to cause
libvirt to crash, resulting in a denial of service. (CVE-2020-10703)
It was discovered that libvirt incorrectly handled memory when retrieving
certain domain statistics. A remote attacker could possibly use this issue
to cause libvirt to consume resources, resulting in a denial of service.
This issue only affected Ubuntu 19.10. (CVE-2020-12430)
The problem can be corrected by updating your system to the following package versions: Ubuntu 19.10: libvirt-clients 5.4.0-0ubuntu5.4 libvirt-daemon 5.4.0-0ubuntu5.4 libvirt0 5.4.0-0ubuntu5.4 Ubuntu 18.04 LTS: libvirt-clients 4.0.0-1ubuntu8.17 libvirt-daemon 4.0.0-1ubuntu8.17 libvirt0 4.0.0-1ubuntu8.17 After a standard system update you need to reboot your computer to make all the necessary changes.
https://ubuntu.com/security/notices/USN-4371-1
CVE-2020-10703, CVE-2020-12430
Get the latest Linux and open source security news straight to your inbox.