Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2020-0250)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2020.0250

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2020-0250)

Zusammenfassung: The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2020-0250 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2020-0250 advisory.

Vulnerability Insight:
Updated libvirt packages fix security vulnerability:

It was discovered that libvirt incorrectly handled an active pool without
a target path. A remote attacker could possibly use this issue to cause
libvirt to crash, resulting in a denial of service (CVE-2020-10703).

It was discovered that libvirt incorrectly handled memory when retrieving
certain domain statistics. A remote attacker could possibly use this issue to
cause libvirt to consume resources, resulting in a denial of service
(CVE-2020-12430).

Affected Software/OS:
'libvirt' package(s) on Mageia 7.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-10703
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/
https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html
RedHat Security Advisories: https://bugzilla.redhat.com/show_bug.cgi?id=1790725
https://bugzilla.redhat.com/show_bug.cgi?id=1790725
Common Vulnerability Exposure (CVE) ID: CVE-2020-12430
https://bugzilla.redhat.com/show_bug.cgi?id=1804548
https://bugzilla.redhat.com/show_bug.cgi?id=1828190
https://libvirt.org/git/?p=libvirt.git;a=commit;h=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581
https://usn.ubuntu.com/4371-1/

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2020.0250
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2020-0250)
Zusammenfassung:	The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2020-0250 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2020-0250 advisory. Vulnerability Insight: Updated libvirt packages fix security vulnerability: It was discovered that libvirt incorrectly handled an active pool without a target path. A remote attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service (CVE-2020-10703). It was discovered that libvirt incorrectly handled memory when retrieving certain domain statistics. A remote attacker could possibly use this issue to cause libvirt to consume resources, resulting in a denial of service (CVE-2020-12430). Affected Software/OS: 'libvirt' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 4.0 CVSS Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10703 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5GE6ISYUL3CIWO3FQRUGMKTKP2NYED2/ https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html RedHat Security Advisories: https://bugzilla.redhat.com/show_bug.cgi?id=1790725 https://bugzilla.redhat.com/show_bug.cgi?id=1790725 Common Vulnerability Exposure (CVE) ID: CVE-2020-12430 https://bugzilla.redhat.com/show_bug.cgi?id=1804548 https://bugzilla.redhat.com/show_bug.cgi?id=1828190 https://libvirt.org/git/?p=libvirt.git;a=commit;h=9bf9e0ae6af38c806f4672ca7b12a6b38d5a9581 https://usn.ubuntu.com/4371-1/
Copyright	Copyright (C) 2022 Greenbone AG