USN-4371-1

See a problem?

Source

https://ubuntu.com/security/notices/USN-4371-1

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4371-1.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4371-1

Related

CVE-2020-10703
CVE-2020-12430
UBUNTU-CVE-2020-10703
UBUNTU-CVE-2020-12430

Published

2020-05-21T16:52:16.890676Z

Modified

2020-05-21T16:52:16.890676Z

Summary

libvirt vulnerabilities

Details

It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. (CVE-2020-10703)

It was discovered that libvirt incorrectly handled memory when retrieving certain domain statistics. A remote attacker could possibly use this issue to cause libvirt to consume resources, resulting in a denial of service. This issue only affected Ubuntu 19.10. (CVE-2020-12430)

References

Affected packages

Ubuntu:18.04:LTS / libvirt

Package

Name: libvirt
Purl: pkg:deb/ubuntu/libvirt@4.0.0-1ubuntu8.17?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.0.0-1ubuntu8.17

Affected versions

3.*

3.6.0-1ubuntu5

3.6.0-1ubuntu6

4.*

4.0.0-1ubuntu1

4.0.0-1ubuntu2

4.0.0-1ubuntu3

4.0.0-1ubuntu4

4.0.0-1ubuntu5

4.0.0-1ubuntu6

4.0.0-1ubuntu7

4.0.0-1ubuntu8

4.0.0-1ubuntu8.1

4.0.0-1ubuntu8.2

4.0.0-1ubuntu8.3

4.0.0-1ubuntu8.4

4.0.0-1ubuntu8.5

4.0.0-1ubuntu8.6

4.0.0-1ubuntu8.7

4.0.0-1ubuntu8.8

4.0.0-1ubuntu8.9

4.0.0-1ubuntu8.10

4.0.0-1ubuntu8.11

4.0.0-1ubuntu8.12

4.0.0-1ubuntu8.13

4.0.0-1ubuntu8.14

4.0.0-1ubuntu8.15

4.0.0-1ubuntu8.16

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "libvirt-daemon-driver-storage-gluster-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-wireshark-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-rbd": "4.0.0-1ubuntu8.17",
            "libvirt-clients-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-sheepdog": "4.0.0-1ubuntu8.17",
            "libvirt-sanlock": "4.0.0-1ubuntu8.17",
            "libvirt-doc": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-system-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt0-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-dev": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-rbd-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-clients": "4.0.0-1ubuntu8.17",
            "libvirt0": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-zfs": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-system": "4.0.0-1ubuntu8.17",
            "libvirt-sanlock-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-wireshark": "4.0.0-1ubuntu8.17",
            "libnss-libvirt-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-zfs-dbgsym": "4.0.0-1ubuntu8.17",
            "libnss-libvirt": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-sheepdog-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-dbgsym": "4.0.0-1ubuntu8.17",
            "libvirt-daemon-driver-storage-gluster": "4.0.0-1ubuntu8.17",
            "libvirt-daemon": "4.0.0-1ubuntu8.17",
            "libvirt-bin": "4.0.0-1ubuntu8.17"
        }
    ]
}