Showing 1 - 4 of 4

CVE-2020-14339

Status Candidate

Overview

A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapper on the host. This flaw allows a malicious guest user or process to perform operations outside of their standard permissions, potentially causing serious damage to the host operating system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Related Files

Gentoo Linux Security Advisory 202210-06: Posted Oct 17, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202210-6 - Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service. Versions less than 8.2.0 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2020-14339, CVE-2020-25637, CVE-2021-3631, CVE-2021-3667, CVE-2022-0897; SHA-256 | efaa17b0f41687b0bceb00f211741b1f061350c0afeaa73b3795aab7e864c8ca; Download | Favorite | View

Gentoo Linux Security Advisory 202101-22: Posted Jan 26, 2021; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202101-22 - A vulnerability in libvirt may allow root privilege escalation. Versions less than 6.7.0 are affected.; tags | advisory, root; systems | linux, gentoo; advisories | CVE-2020-14339; SHA-256 | 07a0e0d8e3b04000da6daae8f1328d72c27c52508652639c0ba8e0db2e529d9a; Download | Favorite | View

Red Hat Security Advisory 2020-4676-01: Posted Nov 4, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-4676-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include denial of service and use-after-free vulnerabilities.; tags | advisory, denial of service, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2019-15890, CVE-2019-20485, CVE-2020-10703, CVE-2020-14301, CVE-2020-14339, CVE-2020-1983; SHA-256 | 93e8b9c4d4f4570afe83e1f43d1e9e259507e1b4cf78ec970d599aef7c373a59; Download | Favorite | View

Red Hat Security Advisory 2020-3586-01: Posted Sep 1, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-3586-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include information leakage and out of bounds read vulnerabilities.; tags | advisory, vulnerability; systems | linux, redhat; advisories | CVE-2020-10756, CVE-2020-14339; SHA-256 | ad8866f7fc0a2a7af79d106635c88771d2aeef777e5d61c1ab39bbbb10d358eb; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 236 files
Ubuntu 56 files
Debian 19 files
LiquidWorm 16 files
Apple 9 files
Gentoo 5 files
Alter Prime 3 files
Google Security Research 3 files
Pierre Kim 2 files
EQSTLab 2 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,163)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,945)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,337)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,987)
UNIX (9,475)
UnixWare (188)
Windows (6,784)
Other

CVE-2020-14339

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems