jiachao2130/cvrf2cusa
1
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
d1132d88d2
cvrf2cusa/cusa/l/libvirt/libvirt-6.2.0-40_openEuler-SA-2022-1722.json
Jia Chao fd42fc96e3 release v0.1.2 
Signed-off-by: Jia Chao <jiac13@chinaunicom.cn>
2024-08-01 10:25:22 +08:00

14 lines
1.2 KiB
JSON
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

{
"id": "openEuler-SA-2022-1722",
"url": "https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2022-1722",
"title": "An update for libvirt is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS",
"severity": "Medium",
"description": "Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). The main package includes the libvirtd server exporting the virtualization support.\r\n\r\nSecurity Fix(es):\r\n\r\nA flaw was found in the libvirt nwfilter driver. The virNWFilterObjListNumOfNWFilters method failed to acquire the `driver->nwfilters` mutex before iterating over virNWFilterObj instances. There was no protection to stop another thread from concurrently modifying the `driver->nwfilters` object. This flaw allows a malicious, unprivileged user to exploit this issue via libvirts API virConnectNumOfNWFilters to crash the network filter management daemon (libvirtd/virtnwfilterd).(CVE-2022-0897)",
"cves": [
{
"id": "CVE-2022-0897",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-0897",
"severity": "Medium"
}
]
}
Reference in New Issue View Git Blame Copy Permalink