CVE-2018-1064

Published: Mar 28, 2018

Modified: Sep 17, 2024

PUBLISHED

Description

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

Vendor	Product	Versions
libvirt	libvirt	affected `before 4.2.0-rc1`

Weaknesses (CWE)

CWE-400

References

USN-3680-1

vendor-advisory

x_refsource_UBUNTU

RHSA-2018:1396

vendor-advisory

x_refsource_REDHAT

DSA-4137

vendor-advisory

x_refsource_DEBIAN

https://libvirt.org/git/?p=libvirt.git%3Ba=commit%3Bh=fbf31e1a4cd19d6f6e33e0937a009775cd7d9513

x_refsource_CONFIRM

RHSA-2018:1929

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=1550672

x_refsource_CONFIRM

[debian-lts-announce] 20180324 [SECURITY] [DLA 1315-1] libvirt security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2018-1064

Description

Affected Products

Weaknesses (CWE)

References