You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa libvirt

Sigurnosni nedostaci programskog paketa libvirt

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2018-03-01 16:22:58.295040

Name : libvirt
Product : Fedora 27
Version : 3.7.0
Release : 4.fc27
Summary : Library providing a simple virtualization API
Description :
Libvirt is a C toolkit to interact with the virtualization capabilities
of recent versions of Linux (and other OSes). The main package includes
the libvirtd server exporting the virtualization support.

Update Information:

* CVE-2018-5748: resource exhaustion via qemuMonitorIORead() (bz #1535785) *
CVE-2018-6764: code injection via libvirt_lxc (bz #1542815) * Fix hotplug disk
failure (bz #1540872)

[ 1 ] Bug #1528396 – CVE-2018-5748 Libvirt: resource exhaustion via qemuMonitorIORead() method
[ 2 ] Bug #1541444 – CVE-2018-6764 libvirt: guest could inject executable code via loaded by libvirt_lxc before init

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade libvirt’ at the command line.
For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to

AutorPetar Bertok
Cert idNCERT-REF-2018-03-0001-ADV
More in Preporuke
Sigurnosni nedostaci programskog paketa phpMyAdmin

Otkriveni su sigurnosni nedostaci u programskom paketu phpMyAdmin za operacijski sustav Fedora. Otkriveni nedostaci potencijalnim udaljenim napadačima omogućuju izvođenje XSS...