libvirt-daemon-plugin-sanlock (AlmaLinux:9) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:9 package libvirt-daemon-plugin-sanlock, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2023-3750 — CVSS 6.5 (medium): A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race…
CVE-2024-2494 — CVSS 6.2 (medium): A flaw was found in the RPC library APIs of libvirt. The RPC server deserialization code allocates memory for arrays before the…
CVE-2024-4418 — CVSS 6.2 (medium): A race condition leading to a stack use-after-free flaw was found in libvirt. Due to a bad assumption in the virNetClientIOEventLoop()…
CVE-2024-8235 — CVSS 6.2 (medium): A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms…
CVE-2025-12748 — CVSS 5.5 (medium): A flaw was discovered in libvirt in the XML file processing. More specifically, the parsing of user provided XML files was performed before…
CVE-2024-1441 — CVSS 5.5 (medium): An off-by-one error flaw was found in the udevListInterfacesByStatus() function in libvirt when the number of interfaces exceeds the size…
CVE-2024-2496 — CVSS 5.0 (medium): A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a…