libvirt (SUSE:Linux Enterprise Server 12 SP2-BCL) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP2-BCL package libvirt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2020-15708 — CVSS 9.3 (critical): Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to…
CVE-2019-10161 — CVSS 7.8 (high): It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc()…
CVE-2019-10167 — CVSS 7.8 (high): The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument…
CVE-2020-25637 — CVSS 6.7 (medium): A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about…
CVE-2018-12130 — CVSS 5.9 (medium): Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2019-3840 — CVSS 5.8 (medium): A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU…
CVE-2019-11091 — CVSS 5.6 (medium): Microarchitectural Data Sampling Uncacheable Memory (MDSUM): Uncacheable memory on some microprocessors utilizing speculative execution may…
CVE-2017-5715 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of…
CVE-2018-12127 — CVSS 5.6 (medium): Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an…
CVE-2018-12126 — CVSS 5.6 (medium): Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an…
CVE-2018-3639 — CVSS 5.5 (medium): Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior…
CVE-2019-3886 — CVSS 5.4 (medium): An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on…