Your submission was sent successfully! Close

USN-4021-1: libvirt vulnerabilities

19 June 2019

Several security issues were fixed in libvirt.

Releases

Packages

  • libvirt - Libvirt virtualization toolkit

Details

Daniel P. Berrangé discovered that libvirt incorrectly handled socket
permissions. A local attacker could possibly use this issue to access
libvirt. (CVE-2019-10132)

It was discovered that libvirt incorrectly performed certain permission
checks. A remote attacker could possibly use this issue to access the
guest agent and cause a denial of service. This issue only affected Ubuntu
19.04. (CVE-2019-3886)

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 19.04
Ubuntu 18.10

After a standard system update you need to reboot your computer to make
all the necessary changes.