Every CVE whose affected-product data names Redhat Libvirt, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (73)
CVE-2016-5008 — CVSS 9.8 (critical): libvirt before 2.0.0 improperly disables password checking when the password on a VNC server is set to an empty string, which allows remote…
CVE-2019-10132 — CVSS 8.8 (high): A vulnerability was found in libvirt >= 4.1.0 in the virtlockd-admin.socket and virtlogd-admin.socket systemd units. A missing SocketMode…
CVE-2020-14339 — CVSS 8.8 (high): A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows…
CVE-2013-4401 — CVSS 8.5 (high): The virConnectDomainXMLToNative API function in libvirt 1.1.0 through 1.1.3 checks for the connect:read permission instead of the…
CVE-2017-1000256 — CVSS 8.1 (high): libvirt version 2.3.0 and later is vulnerable to a bad default configuration of "verify-peer=no" passed to QEMU by libvirt resulting in a…
CVE-2019-10168 — CVSS 7.8 (high): The virConnectBaselineHypervisorCPU() and virConnectCompareHypervisorCPU() libvirt APIs, 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accept…
CVE-2018-6764 — CVSS 7.8 (high): util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an…
CVE-2019-10167 — CVSS 7.8 (high): The virConnectGetDomainCapabilities() libvirt API, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, accepts an "emulatorbin" argument…
CVE-2019-10166 — CVSS 7.8 (high): It was discovered that libvirtd, versions 4.x.x before 4.10.1 and 5.x.x before 5.4.1, would permit readonly clients to use the…
CVE-2019-10161 — CVSS 7.8 (high): It was discovered that libvirtd before versions 4.10.1 and 5.4.1 would permit read-only clients to use the virDomainSaveImageGetXMLDesc()…
CVE-2017-2635 — CVSS 7.7 (high): A NULL pointer deference flaw was found in the way libvirt from 2.5.0 to 3.0.0 handled empty drives. A remote authenticated attacker could…
CVE-2018-5748 — CVSS 7.5 (high): qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
CVE-2016-10746 — CVSS 7.5 (high): libvirt-domain.c in libvirt before 1.3.1 supports virDomainGetTime API calls by guest agents with an RO connection, even though an RW…
CVE-2018-1064 — CVSS 7.5 (high): libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects…
CVE-2013-4400 — CVSS 7.2 (high): virt-login-shell in libvirt 1.1.2 through 1.1.3 allows local users to overwrite arbitrary files and possibly gain privileges via…
CVE-2013-4291 — CVSS 6.9 (medium): The virSecurityManagerSetProcessLabel function in libvirt 0.10.2.7, 1.0.5.5, and 1.1.1, when the domain has read an uid:gid label, does not…
CVE-2011-1146 — CVSS 6.9 (medium): libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote…
CVE-2013-6458 — CVSS 6.8 (medium): Multiple race conditions in the (1) virDomainBlockStats, (2) virDomainGetBlockInf, (3) qemuDomainBlockJobImpl, and (4)…
CVE-2013-0170 — CVSS 6.8 (medium): Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before…
CVE-2020-25637 — CVSS 6.7 (medium): A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about…
CVE-2015-5247 — CVSS 6.5 (medium): The virStorageVolCreateXML API in libvirt 1.2.14 through 1.2.19 allows remote authenticated users with a read-write connection to cause a…
CVE-2023-3750 — CVSS 6.5 (medium): A flaw was found in libvirt. The virStoragePoolObjListSearch function does not return a locked pool as expected, resulting in a race…
CVE-2021-4147 — CVSS 6.5 (medium): A flaw was found in the libvirt libxl driver. A malicious guest could continuously reboot itself and cause libvirtd on the host to deadlock…
CVE-2021-3975 — CVSS 6.5 (medium): A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple…
CVE-2021-3667 — CVSS 6.5 (medium): An improper locking issue was found in the virStoragePoolLookupByTargetPath API of libvirt. It occurs in the storagePoolLookupByTargetPath…
CVE-2021-3559 — CVSS 6.5 (medium): A flaw was found in libvirt in the virConnectListAllNodeDevices API in versions before 7.0.0. It only affects hosts with a PCI device and…
CVE-2020-14301 — CVSS 6.5 (medium): An information disclosure vulnerability was found in libvirt in versions before 6.3.0. HTTP cookies used to access network-based disks were…
CVE-2020-12430 — CVSS 6.5 (medium): An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was…
CVE-2020-10703 — CVSS 6.5 (medium): A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for…
CVE-2020-10701 — CVSS 6.5 (medium): A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows…
CVE-2014-3672 — CVSS 6.5 (medium): The qemu implementation in libvirt before 1.3.0 and Xen allows local guest OS users to cause a denial of service (host disk consumption) by…
CVE-2021-3631 — CVSS 6.3 (medium): A flaw was found in libvirt while it generates SELinux MCS category pairs for VMs' dynamic labels. This flaw allows one exploited guest to…
CVE-2024-8235 — CVSS 6.2 (medium): A flaw was found in libvirt. A refactor of the code fetching the list of interfaces for multiple APIs introduced a corner case on platforms…
CVE-2011-4600 — CVSS 5.9 (medium): The networkReloadIptablesRules function in network/bridge_driver.c in libvirt before 0.9.9 does not properly handle firewall rules on…
CVE-2013-6456 — CVSS 5.8 (medium): The LXC driver (lxc/lxc_driver.c) in libvirt 1.0.1 through 1.2.1 allows local users to (1) delete arbitrary host devices via the…
CVE-2019-3840 — CVSS 5.8 (medium): A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU…
CVE-2019-20485 — CVSS 5.7 (medium): qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers…
CVE-2023-2700 — CVSS 5.5 (medium): A vulnerability was found in libvirt. This security flaw ouccers due to repeatedly querying an SR-IOV PCI device's capabilities that…
CVE-2019-3886 — CVSS 5.4 (medium): An incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on…
CVE-2013-6457 — CVSS 5.2 (medium): The libxlDomainGetNumaParameters function in the libxl driver (libxl/libxl_driver.c) in libvirt before 1.2.1 does not properly initialize…
CVE-2012-4423 — CVSS 5.0 (medium): The virNetServerProgramDispatchCall function in libvirt before 0.10.2 allows remote attackers to cause a denial of service (NULL pointer…
CVE-2013-4153 — CVSS 5.0 (medium): Double free vulnerability in the qemuAgentGetVCPUs function in qemu/qemu_agent.c in libvirt 1.0.6 through 1.1.0 allows remote attackers to…
CVE-2024-2496 — CVSS 5.0 (medium): A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a…
CVE-2013-1962 — CVSS 5.0 (medium): The remoteDispatchStoragePoolListAllVolumes function in the storage pool manager in libvirt 1.0.5 allows remote attackers to cause a denial…
CVE-2013-5651 — CVSS 5.0 (medium): The virBitmapParse function in util/virbitmap.c in libvirt before 1.1.2 allows context-dependent attackers to cause a denial of service…
CVE-2013-2218 — CVSS 5.0 (medium): Double free vulnerability in the virConnectListAllInterfaces method in interface/interface_backend_netcf.c in libvirt 1.0.6 allows remote…
CVE-2014-7823 — CVSS 5.0 (medium): The virDomainGetXMLDesc API in Libvirt before 1.2.11 allows remote read-only users to obtain the VNC password by using the…
CVE-2013-4311 — CVSS 4.6 (medium): libvirt 1.0.5.x before 1.0.5.6, 0.10.2.x before 0.10.2.8, and 0.9.12.x before 0.9.12.2 allows local users to bypass intended access…
CVE-2011-2178 — CVSS 4.4 (medium): The virSecurityManagerGetPrivateData function in security/security_manager.c in libvirt 0.8.8 through 0.9.1 uses the wrong argument for a…
CVE-2022-0897 — CVSS 4.3 (medium): A flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the driver->nwfilters mutex…
CVE-2013-4399 — CVSS 4.3 (medium): The remoteClientFreeFunc function in daemon/remote.c in libvirt before 1.1.3, when ACLs are used, does not set an identity, which causes…
CVE-2014-0028 — CVSS 4.3 (medium): libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs…
CVE-2013-4154 — CVSS 4.3 (medium): The qemuAgentCommand function in libvirt before 1.1.1, when a guest agent is not configured, allows remote attackers to cause a denial of…
CVE-2013-2230 — CVSS 4.0 (medium): The qemu driver (qemu/qemu_driver.c) in libvirt before 1.1.1 allows remote authenticated users to cause a denial of service (daemon crash)…
CVE-2011-2511 — CVSS 4.0 (medium): Integer overflow in libvirt before 0.9.3 allows remote authenticated users to cause a denial of service (libvirtd crash) and possibly…
CVE-2014-8131 — CVSS 4.0 (medium): The qemu implementation of virConnectGetAllDomainStats in libvirt before 1.2.11 does not properly handle locks when a domain is skipped due…
CVE-2013-4297 — CVSS 4.0 (medium): The virFileNBDDeviceAssociate function in util/virfile.c in libvirt 1.1.2 and earlier allows remote authenticated users to cause a denial…
CVE-2013-4296 — CVSS 4.0 (medium): The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before…
CVE-2013-4239 — CVSS 4.0 (medium): The xenDaemonListDefinedDomains function in xen/xend_internal.c in libvirt 1.1.1 allows remote authenticated users to cause a denial of…
CVE-2012-2693 — CVSS 3.7 (low): libvirt, possibly before 0.9.12, does not properly assign USB devices to virtual machines when multiple devices have the same vendor and…
CVE-2013-1766 — CVSS 3.6 (low): libvirt 1.0.2 and earlier sets the group owner to kvm for device files, which allows local users to write to these files via unspecified…
CVE-2015-0236 — CVSS 3.5 (low): libvirt before 1.2.12 allow remote authenticated users to obtain the VNC password by using the VIR_DOMAIN_XML_SECURE flag with a crafted…
CVE-2012-3445 — CVSS 3.5 (low): The virTypedParameterArrayClear function in libvirt 0.9.13 does not properly handle virDomain* API calls with typed parameters, which might…
CVE-2011-1486 — CVSS 3.3 (low): libvirtd in libvirt before 0.9.0 does not use thread-safe error reporting, which allows remote attackers to cause a denial of service…
CVE-2014-1447 — CVSS 3.3 (low): Race condition in the virNetServerClientStartKeepAlive function in libvirt before 1.2.1 allows remote attackers to cause a denial of…
CVE-2015-5313 — CVSS 2.5 (low): Directory traversal vulnerability in the virStorageBackendFileSystemVolCreate function in storage/storage_backend_fs.c in libvirt, when…
CVE-2013-6436 — CVSS 2.1 (low): The lxcDomainGetMemoryParameters method in lxc/lxc_driver.c in libvirt 1.0.5 through 1.2.0 does not properly check the status of LXC guests…
CVE-2014-8135 — CVSS 2.1 (low): The storageVolUpload function in storage/storage_driver.c in libvirt before 1.2.11 does not check a certain return value, which allows…
CVE-2014-8136 — CVSS 2.1 (low): The (1) qemuDomainMigratePerform and (2) qemuDomainMigrateFinish2 functions in qemu/qemu_driver.c in libvirt do not unlock the domain when…
CVE-2013-4292 — CVSS 2.1 (low): libvirt 1.1.0 and 1.1.1 allows local users to cause a denial of service (memory consumption) via a large number of domain migrate…
CVE-2014-0179 — CVSS 1.9 (low): libvirt 0.7.5 through 1.2.x before 1.2.5 allows local users to cause a denial of service (read block and hang) via a crafted XML document…
CVE-2013-7336 — CVSS 1.9 (low): The qemuMigrationWaitForSpice function in qemu/qemu_migration.c in libvirt before 1.1.3 does not properly enter a monitor when performing…
CVE-2014-5177 — CVSS 1.2 (low): libvirt 1.0.0 through 1.2.x before 1.2.5, when fine grained access control is enabled, allows local users to read arbitrary files via a…