libvirt (SUSE:Linux Enterprise Server 12 SP4-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP4-LTSS package libvirt, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2020-15708 — CVSS 9.3 (critical): Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to…
CVE-2020-25637 — CVSS 6.7 (medium): A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about…
CVE-2021-3975 — CVSS 6.5 (medium): A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple…
CVE-2021-4147 — CVSS 6.5 (medium): A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock…