ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2020.0473
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2020-0473)
Resumen:	The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2020-0473 advisory.
Descripción:	Summary: The remote host is missing an update for the 'libvirt' package(s) announced via the MGASA-2020-0473 advisory. Vulnerability Insight: A double free memory issue was found to occur in the libvirt API responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability (CVE-2020-25637). Affected Software/OS: 'libvirt' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2020-25637 https://security.gentoo.org/glsa/202210-06 https://bugzilla.redhat.com/show_bug.cgi?id=1881037 https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html SuSE Security Announcement: openSUSE-SU-2020:1777 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00073.html SuSE Security Announcement: openSUSE-SU-2020:1778 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00072.html
Copyright	Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.