Your submission was sent successfully! Close

CVE-2018-1064

Published: 28 March 2018

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
libvirt
Launchpad, Ubuntu, Debian
artful
Released (3.6.0-1ubuntu6.8)
bionic
Released (4.0.0-1ubuntu8.2)
cosmic Not vulnerable
(4.6.0-2ubuntu3.3)
disco Not vulnerable
(5.0.0-1ubuntu2)
eoan Not vulnerable
(5.0.0-1ubuntu2)
focal Not vulnerable
(5.0.0-1ubuntu2)
groovy Not vulnerable
(5.0.0-1ubuntu2)
hirsute Not vulnerable
(5.0.0-1ubuntu2)
precise Ignored
(end of ESM support, was needs-triage)
trusty
Released (1.2.2-0ubuntu13.1.27)
upstream
Released (4.1.0-1)
xenial
Released (1.3.1-1ubuntu10.24)