libvirt before 2.2 includes Ceph credentials on the qemu command line when using RADOS Block Device (aka RBD), which allows local users to obtain sensitive information via a process listing.
Max CVSS
5.5
EPSS Score
0.04%
Published
2018-08-20
Updated
2020-10-15
The virDomainListPopulate function in conf/domain_conf.c in libvirt before 1.2.9 does not clean up the lock on the list of domains, which allows remote attackers to cause a denial of service (deadlock) via a NULL value in the second parameter in the virConnectListAllDomains API command.
Max CVSS
5.0
EPSS Score
4.24%
Published
2014-10-06
Updated
2023-02-13
The qemuDomainGetBlockIoTune function in qemu/qemu_driver.c in libvirt before 1.2.9, when a disk has been hot-plugged or removed from the live image, allows remote attackers to cause a denial of service (crash) or read sensitive heap information via a crafted blkiotune query, which triggers an out-of-bounds read.
Max CVSS
5.8
EPSS Score
3.88%
Published
2014-10-06
Updated
2023-02-13
3 vulnerabilities found