A NULL pointer dereference flaw was discovered in libvirt before version 5.0.0 in the way it gets interface information through the QEMU agent. An attacker in a guest VM can use this flaw to crash libvirtd and cause a denial of service.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libvirt-doc": "1.3.1-1ubuntu10.25", "libvirt0-dbgsym": "1.3.1-1ubuntu10.25", "libvirt-dev-dbgsym": "1.3.1-1ubuntu10.25", "libvirt-dev": "1.3.1-1ubuntu10.25", "libvirt-bin-dbgsym": "1.3.1-1ubuntu10.25", "libvirt0": "1.3.1-1ubuntu10.25", "libvirt0-dbg": "1.3.1-1ubuntu10.25", "libvirt-bin": "1.3.1-1ubuntu10.25" } ] }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "libvirt-daemon-driver-storage-gluster-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-wireshark-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-rbd": "4.0.0-1ubuntu8.8", "libvirt-clients-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-sheepdog": "4.0.0-1ubuntu8.8", "libvirt-sanlock": "4.0.0-1ubuntu8.8", "libvirt-doc": "4.0.0-1ubuntu8.8", "libvirt-daemon-system-dbgsym": "4.0.0-1ubuntu8.8", "libvirt0-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-dev": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-rbd-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-clients": "4.0.0-1ubuntu8.8", "libvirt0": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-zfs": "4.0.0-1ubuntu8.8", "libvirt-daemon-system": "4.0.0-1ubuntu8.8", "libvirt-sanlock-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-wireshark": "4.0.0-1ubuntu8.8", "libnss-libvirt-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-zfs-dbgsym": "4.0.0-1ubuntu8.8", "libnss-libvirt": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-sheepdog-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-daemon-dbgsym": "4.0.0-1ubuntu8.8", "libvirt-daemon-driver-storage-gluster": "4.0.0-1ubuntu8.8", "libvirt-daemon": "4.0.0-1ubuntu8.8", "libvirt-bin": "4.0.0-1ubuntu8.8" } ] }