libvirt (SUSE:Linux Enterprise Module for Basesystem 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Basesystem 15 SP2 package libvirt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2020-15708 — CVSS 9.3 (critical): Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to…
CVE-2020-14339 — CVSS 8.8 (high): A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows…
CVE-2020-25637 — CVSS 6.7 (medium): A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about…
CVE-2021-3667 — CVSS 6.5 (medium): An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath…
CVE-2021-3631 — CVSS 6.3 (medium): A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to…