Oval Definition:oval:org.mitre.oval:def:21821
Revision Date:2015-03-09Version:12
Title:RHSA-2011:0391: libvirt security update (Important)
Description:libvirt.c in the API in Red Hat libvirt 0.8.8 does not properly restrict operations in a read-only connection, which allows remote attackers to cause a denial of service (host OS crash) or possibly execute arbitrary code via a (1) virNodeDeviceDettach, (2) virNodeDeviceReset, (3) virDomainRevertToSnapshot, (4) virDomainSnapshotDelete, (5) virNodeDeviceReAttach, or (6) virConnectDomainXMLToNative call, a different vulnerability than CVE-2008-5086.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CESA-2011:0391-CentOS 5
CVE-2011-1146
RHSA-2011:0391-01
Platform(s):CentOS Linux 5
Red Hat Enterprise Linux 6
Product(s):libvirt
Definition Synopsis
  • Red Hat Enterprise Linux 6 release section
  • The operating system installed on the system is Red Hat Enterprise Linux 6
  • AND Packages match section
  • libvirt is earlier than 0:0.8.1-27.el6_0.5
  • OR libvirt-client is earlier than 0:0.8.1-27.el6_0.5
  • OR libvirt-debuginfo is earlier than 0:0.8.1-27.el6_0.5
  • OR libvirt-devel is earlier than 0:0.8.1-27.el6_0.5
  • OR libvirt-python is earlier than 0:0.8.1-27.el6_0.5
  • CentOS Linux 5 release section
  • The operating system installed on the system is CentOS Linux 5.x
  • AND Packages match section
  • libvirt is earlier than 0:0.8.2-15.el5_6.3
  • OR libvirt-devel is earlier than 0:0.8.2-15.el5_6.3
  • OR libvirt-python is earlier than 0:0.8.2-15.el5_6.3
    • BACK