Libvirt Security Notice Index
LSN-2020-0003: Leak of /dev/mapper/control into QEMU guest namespace
LSN-2020-0002: Leak of sensitive cookie information
LSN-2020-0001: Denial of Service via storage pools without target paths
LSN-2019-0009: QEMU agent denial of service
LSN-2019-0008: Transactional Synchronization Extensions (TSX) Asynchronous Abort
LSN-2019-0007: virConnect*HypervisorCPU do not check for read-only connection
LSN-2019-0006: virConnectGetDomainCapabilities does not check for read-only connection
LSN-2019-0005: virDomainManagedSaveDefineXML does not check for read-only connection
LSN-2019-0004: virDomainSaveImageGetXMLDesc does not check for read-only connection
LSN-2019-0003: Insecure permissions for systemd socket for virtlockd/virtlogd
LSN-2019-0002: Crash after running guest agent command to fetch interfaces
LSN-2019-0001: virDomainGetHostname and virDomainGetTime don't enforce read-only perms
LSN-2018-0005: Speculative Store Bypass
LSN-2018-0004: QEMU agent denial of service
LSN-2018-0003: Insecure usage of NSS modules during container startup
LSN-2018-0002: QEMU monitor denial of service
LSN-2018-0001: Spectre variant 2 branch target injection
LSN-2017-0002: TLS certificate verification disabled for clients
LSN-2017-0001: libvirtd crashes in virConnectGetAllDomainStats with empty cdrom
LSN-2016-0002: Access to virDomainGetTime mistakenly allowed on read-only connection
LSN-2016-0001: Authentication disabled when setting empty VNC password
LSN-2015-0004: ACL bypass using ../ to access beyond storage pool
LSN-2015-0003: denial of service through root-squash NFS storage pools
LSN-2015-0002: small memory leak in ListAll APIs
LSN-2015-0001: snapshots and save images leak VNC passwords
LSN-2014-0010: deadlock on failed migration
LSN-2014-0009: crash when using virStorageVolUpload
LSN-2014-0008: deadlock or segfault in virConnectGetAllDomainStats
LSN-2014-0007: virDomainGetXMLDesc leaks VNC passwords
LSN-2014-0006: virDomainBlockRebase probes file formats in spite of explicit raw request
LSN-2014-0005: virConnectListAllDomains can deadlock
LSN-2014-0004: Querying blkiotune after disk hotplug can lead to libvirtd crash
LSN-2014-0003: Unsafe parsing of XML documents allows arbitrary file read
LSN-2014-0002: Missing access control check on events
LSN-2014-0001: libvirtd crashes if client closes connection early
LSN-2013-0021: libvirtd crash during seamless SPICE migration
LSN-2013-0020: libvirtd crash when hot-plugging disks for qemu domains
LSN-2013-0019: libvirtd crash when reading numa tunables for libxl guest in shutoff status
LSN-2013-0018: Unsafe usage of paths under /proc/$PID/root by the LXC driver
LSN-2013-0017: libvirtd daemon crash when reading memory tunables for LXC guest in shutoff status
LSN-2013-0016: Out of bounds access in bitmap array
LSN-2013-0015: Incorrect permissions on XML conversion APIs
LSN-2013-0014: virt-login-shell fails to secure setuid environment
LSN-2013-0013: Crash of libvirtd when ACLs are active and events registered
LSN-2013-0012: Insecure invocation of polkit for checking authorization
LSN-2013-0011: Invalid free when setting up NBD devices
LSN-2013-0010: Crash when querying domain memory stats
LSN-2013-0009: Missing bounds checking on parameter count in migration API
LSN-2013-0008: Libvirt security driver does not clear supplementary groups
LSN-2013-0007: Crash listing inactive domains in Xen driver
LSN-2013-0006: Crash of libvirtd without guest agent active
LSN-2013-0005: Crash after querying vCPU count from guest agent
LSN-2013-0004: Crash in libvirtd registering events
LSN-2013-0003: Crash of libvirtd when listing host interfaces
LSN-2013-0002: Leak of file descriptors when listing storage volumes
LSN-2013-0001: Fix crash on error paths of message dispatching
LSN-2012-0003: Crash of libvirt when dispatching illegal RPC procedure
LSN-2012-0002: Fix crash in libvirt clearing API parameters
LSN-2012-0001: DNS configured to answer DNS queries from non-virtual networks
LSN-2011-0003: Security manager does not disable disk probing
LSN-2011-0002: Error reporting in libvirtd is not thread safe
LSN-2011-0001: Missing checks for read only connections on many APIs
LSN-2010-0004: Improperly mapped virtual network source privileged ports
LSN-2010-0003: Not setting user defined backing store format when creating new image
LSN-2010-0002: Ignoring backing store format when recursing into disk image backing stores
LSN-2010-0001: Ignoring main disk format when looking up disk backing stores
LSN-2009-0001: Incorrect buffer checks in setuid proxy
LSN-2008-0001: Missing checks for read only connections on many APIs