Showing 1 - 6 of 6

CVE-2020-25637

Status Candidate

Overview

A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Related Files

Gentoo Linux Security Advisory 202210-06: Posted Oct 17, 2022; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202210-6 - Multiple vulnerabilities have been discovered in libvirt, the worst of which could result in denial of service. Versions less than 8.2.0 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2020-14339, CVE-2020-25637, CVE-2021-3631, CVE-2021-3667, CVE-2022-0897; SHA-256 | efaa17b0f41687b0bceb00f211741b1f061350c0afeaa73b3795aab7e864c8ca; Download | Favorite | View

Ubuntu Security Notice USN-5399-1: Posted May 3, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5399-1 - It was discovered that libvirt incorrectly handled certain locking operations. A local attacker could possibly use this issue to cause libvirt to stop accepting connections, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. It was discovered that libvirt incorrectly handled threads during shutdown. A local attacker could possibly use this issue to cause libvirt to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.; tags | advisory, denial of service, local; systems | linux, ubuntu; advisories | CVE-2020-25637, CVE-2021-3631, CVE-2021-3667, CVE-2021-3975, CVE-2021-4147, CVE-2022-0897; SHA-256 | ecde89a4a69ba2a401078fac9b6ebd27b6866ca9b8427c3d6373d74a202dfd28; Download | Favorite | View

Red Hat Security Advisory 2021-1762-01: Posted May 19, 2021; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2021-1762-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, double free, information leakage, and out of bounds access vulnerabilities.; tags | advisory, overflow, kernel, vulnerability; systems | linux, redhat; advisories | CVE-2020-11947, CVE-2020-16092, CVE-2020-25637, CVE-2020-25707, CVE-2020-25723, CVE-2020-27821, CVE-2020-28916, CVE-2020-29129, CVE-2020-29130, CVE-2020-29443; SHA-256 | 6398e6563eabaa35531faafc6108f399db955a873f719b083ebf7cc40a66c41f; Download | Favorite | View

Red Hat Security Advisory 2020-5118-01: Posted Nov 24, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-5118-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.; tags | advisory, denial of service; systems | linux, redhat; advisories | CVE-2019-20811, CVE-2019-20907, CVE-2020-14331, CVE-2020-14363, CVE-2020-14422, CVE-2020-15586, CVE-2020-15999, CVE-2020-16845, CVE-2020-25637, CVE-2020-8177, CVE-2020-8622, CVE-2020-8623, CVE-2020-8624; SHA-256 | 252e1d15a3567abb864679496c50326cc1b87ae1d07f0f4efc9f8758ab859038; Download | Favorite | View

Red Hat Security Advisory 2020-5111-01: Posted Nov 16, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-5111-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a double free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-16092, CVE-2020-25637; SHA-256 | ddf74902d6bdf5ad2efc6e49771591014cbbdd9d7d0201e09855f3daa72f7f05; Download | Favorite | View

Red Hat Security Advisory 2020-5040-01: Posted Nov 10, 2020; Authored by Red Hat | Site access.redhat.com; Red Hat Security Advisory 2020-5040-01 - The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. Issues addressed include a double free vulnerability.; tags | advisory; systems | linux, redhat; advisories | CVE-2020-25637; SHA-256 | 092f943a786403ecdd500537ccfa76a673d08d087081069996a71e0da3f031fc; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 60 files
LiquidWorm 20 files
Debian 19 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,159)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,840)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,974)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

CVE-2020-25637

Overview

Related Files

File Archive:

November 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems