vulnerability

CentOS Linux: CVE-2019-3840: Moderate: libvirt security, bug fix, and enhancement update (CESA-2019:2294)

Try Surface Command
Back to search
Severity
4
CVSS
(AV:N/AC:M/Au:S/C:N/I:N/A:P)
Published
Mar 27, 2019
Added
Aug 28, 2019
Modified
May 25, 2023

Description

A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.

Solution(s)

centos-upgrade-libvirtcentos-upgrade-libvirt-admincentos-upgrade-libvirt-bash-completioncentos-upgrade-libvirt-clientcentos-upgrade-libvirt-daemoncentos-upgrade-libvirt-daemon-config-networkcentos-upgrade-libvirt-daemon-config-nwfiltercentos-upgrade-libvirt-daemon-driver-interfacecentos-upgrade-libvirt-daemon-driver-lxccentos-upgrade-libvirt-daemon-driver-networkcentos-upgrade-libvirt-daemon-driver-nodedevcentos-upgrade-libvirt-daemon-driver-nwfiltercentos-upgrade-libvirt-daemon-driver-qemucentos-upgrade-libvirt-daemon-driver-secretcentos-upgrade-libvirt-daemon-driver-storagecentos-upgrade-libvirt-daemon-driver-storage-corecentos-upgrade-libvirt-daemon-driver-storage-diskcentos-upgrade-libvirt-daemon-driver-storage-glustercentos-upgrade-libvirt-daemon-driver-storage-iscsicentos-upgrade-libvirt-daemon-driver-storage-logicalcentos-upgrade-libvirt-daemon-driver-storage-mpathcentos-upgrade-libvirt-daemon-driver-storage-rbdcentos-upgrade-libvirt-daemon-driver-storage-scsicentos-upgrade-libvirt-daemon-kvmcentos-upgrade-libvirt-daemon-lxccentos-upgrade-libvirt-debuginfocentos-upgrade-libvirt-develcentos-upgrade-libvirt-docscentos-upgrade-libvirt-libscentos-upgrade-libvirt-lock-sanlockcentos-upgrade-libvirt-login-shellcentos-upgrade-libvirt-nss

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today